faq: expand uninstall section (fixes #24231)

docs/en/faq.wml

@@ -837,27 +837,43 @@
     </a></h3>
 
     <p>
-    Tor Browser does not install itself in the classic sense of applications.
-    You just simply delete the folder or directory named "Tor Browser" and it
-    is removed from your system.
+    For <a href="<page download/download-easy>">Tor Browser</a> please have a look at
+    the uninstall section of our
+    <a href="https://tb-manual.torproject.org//en-US/uninstalling.html">Tor
+    Browser User Manual</a>.
+
+    <p>
+    How to uninstall Tor depends on how it was installed and which operating
+    system you have. In any case also make sure to remove the Tor's
+    <a href="#datadir">data directory</a> if you want to wipe all traces.
     </p>
 
     <p>
-    If this is not related to Tor Browser, uninstallation depends entirely on
-    how you installed it and which operating system you have. If you installed
-    a package, then hopefully your package has a way to uninstall itself.
-    The Windows packages include uninstallers.
+    If you <a href="<page download/download-unix>">installed Tor with a
+    package manage</a> (the recommended way), then it should provide an easy
+    way to remove as well (check the manpage if you are unfamiliar with it).
+    If you also want to remove traces of Tor, follow the link above to find
+    Tor's data directory and check that the package manager does not accumulate
+    logs (usually they do) exposing the former existence of Tor on this system
+    (for example in <code>/var/log/dpkg.log</code> on Debian based systems).
+    Tor itself does not create logs by default.
     </p>
 
     <p>
-    For Mac OS X, follow the
-    <a href="<page docs/tor-doc-osx>#uninstall">uninstall directions</a>.
+    If you installed it from source, there is no easy uninstall method, but you
+    are on the bright side: By default it only creates files in
+    <code>/usr/local/</code> and it should be pretty easy to notice things
+    there.
     </p>
 
     <p>
-    If you installed by source, I'm afraid there is no easy uninstall method.
-    But on the bright side, by default it only installs into /usr/local/ and it
-    should be pretty easy to notice things there.
+    The Windows packages include uninstallers. See below if you installed Tor
+    as a system service for example on <a href="#NTService">Windows NT</a>.
+    </p>
+
+    <p>
+    To remove Tor from Mac OS X, follow these
+    <a href="<page docs/tor-doc-osx>#uninstall">uninstall directions</a>.
     </p>
 
     <hr>
@@ -2750,6 +2766,7 @@ don't want to deal with abuse issues.</a></h3>
     be sure to run the service removal command (shown above) first before
     running the uninstaller from "Add/Remove Programs". The uninstaller is
     currently not capable of removing the active service.
+    Also see <a href="#HowUninstallTor">How to uninstall Tor?</a>
     </p>
 
     <hr>

docs/en/tor-doc-osx.wml

@@ -106,13 +106,17 @@
     <br>
 
     <p>Change your application proxy settings back to their original
-    values.  If you just want to stop using Tor, you can end at this
+    values. If you just want to stop using Tor, you can end at this
     point.</p>
 
     <p>If you want to completely remove Tor, type into a Terminal window:</p>
 
     <pre>sudo port uninstall tor</pre>
 
+    <p>Also see
+    <a href="<page docs/faq>#HowUninstallTor">How to uninstall Tor?</a>
+    </p>
+
   </div>
   <!-- END MAINCOL -->
   <div id = "sidecol">

include/warning.wmi

@@ -0,0 +1,132 @@
+#! /usr/bin/wml
+<: use strict; :>
+<: use warnings; :>
+
+#<!-- included by the download pages -->
+
+<div class="warning">
+<a name="warning"></a>
+<a name="Warning"></a>
+<h2><a class="anchor" href="#warning">Want Tor to really work?</a></h2>
+	<p>You need to change some of your habits, as some things won't work exactly as
+you are used to.</p>
+
+<ol>
+<li><b>Use Tor Browser</b>
+
+<p>
+
+Tor does not protect all of your computer's Internet traffic when you
+run it. Tor only protects your applications that are properly configured to
+send their Internet traffic through Tor. To avoid problems with Tor
+configuration, we strongly recommend you use the
+<a href="<page projects/torbrowser>">Tor Browser</a>. It is pre-configured to protect
+your privacy and anonymity on the web as long as you're browsing with Tor
+Browser itself. Almost any other web browser configuration is likely to be
+unsafe to use with Tor.
+
+</p>
+
+</li>
+
+<li><b>Don't torrent over Tor</b>
+<p>
+Torrent file-sharing applications have been observed to ignore proxy 
+settings and make direct connections even when they are told to use Tor. 
+Even if your torrent application connects only through Tor, you will 
+often send out your real IP address in the tracker GET request, 
+because that's how torrents work. Not only do you <a 
+href="https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea">
+deanonymize your torrent traffic and your other simultaneous Tor web 
+traffic</a> this way, you also slow down the entire Tor network for everyone else. 
+</p>
+</li>
+
+<li><b>Don't enable or install browser plugins</b>
+
+<p>
+
+Tor Browser will block browser plugins such as Flash, RealPlayer,
+Quicktime, and others: they can be manipulated into revealing your IP address.
+Similarly, we do not recommend installing additional addons or plugins into
+Tor Browser, as these may bypass Tor or otherwise harm your anonymity and
+privacy.
+
+</p>
+
+</li>
+
+<li><b>Use HTTPS versions of websites</b>
+
+<p>
+
+Tor will encrypt your traffic
+<a href="<page about/overview>#thesolution">to and
+within the Tor network</a>, but the encryption of your traffic to the final
+destination website depends upon on that website. To help ensure private
+encryption to websites, Tor Browser includes <a
+href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> to force the
+use of HTTPS encryption with major websites that support it. However, you
+should still watch the browser URL bar to ensure that websites you provide
+sensitive information to display a
+<a href="https://support.mozilla.com/en-US/kb/Site%20Identity%20Button">blue or
+green URL bar button</a>, include <b>https://</b> in the URL, and display the
+proper expected name for the website. Also see EFF's interactive page
+explaining <a href="https://www.eff.org/pages/tor-and-https">how Tor
+and HTTPS relate</a>.
+
+</p>
+
+</li>
+
+<li><b>Don't open documents downloaded through Tor while online</b>
+
+<p>
+
+Tor Browser will warn you before automatically opening documents that are
+handled by external applications. <b>DO NOT IGNORE THIS WARNING</b>.  You
+should be very careful when downloading documents via Tor (especially DOC and
+PDF files, unless you use the PDF viewer that's built into Tor Browser) as
+these documents can contain Internet resources that will be downloaded outside
+of Tor by the application that opens them. This will reveal your non-Tor IP
+address. If you must work with DOC and/or PDF files, we strongly recommend
+either using a disconnected computer,
+downloading the free <a href="https://www.virtualbox.org/">VirtualBox</a> and
+using it with a <a href="http://virtualboxes.org/">virtual machine image</a>
+with networking disabled, or using <a href="https://tails.boum.org/">Tails</a>.
+Under no circumstances is it safe to use
+<a href="https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea">BitTorrent
+and Tor</a> together, however.
+
+</p>
+
+</li>
+
+<li><b>Use bridges and/or find company</b>
+
+<p>
+
+Tor tries to prevent attackers from learning what destination websites you
+connect to. However, by default, it does not prevent somebody watching your Internet
+traffic from learning that you're using Tor. If this matters to you, you can
+reduce this risk by configuring Tor to use a <a href="<page docs/bridges>#PluggableTransports">
+Pluggable Transport</a> rather than connecting directly to the public Tor network.
+Ultimately the best protection is a social approach: the more Tor
+users there are near you and the more
+<a href="<page about/torusers>">diverse</a> their interests, the less
+dangerous it will be that you are one of them. Convince other people to use
+Tor, too!
+
+</p>
+
+</li>
+
+</ol>
+<br>
+<p>
+Be smart and learn more. Understand what Tor does and does not offer.
+This list of pitfalls isn't complete, and we need your
+help <a href="<page getinvolved/volunteer>#Documentation">identifying and documenting
+all the issues</a>.
+</p>
+</div>