From 817b85933fc75e9f6b865dad935e3a254457d466 Mon Sep 17 00:00:00 2001 From: anarsec Date: Wed, 17 Apr 2024 20:31:56 +0000 Subject: [PATCH] metadata update --- content/posts/metadata/index.md | 6 +++--- content/posts/qubes/index.md | 4 +--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/content/posts/metadata/index.md b/content/posts/metadata/index.md index 1f57840..fff3b9a 100644 --- a/content/posts/metadata/index.md +++ b/content/posts/metadata/index.md @@ -21,7 +21,7 @@ letter="metadata-letter.pdf" # Metadata Anonymization Toolkit -Fortunately, there is a tool that comprehensively cleans metadata, and it is available as both a [command line interface](/glossary#command-line-interface-cli) and a graphical user interface. The command line version is called `mat2` and is [open-source](https://0xacab.org/jvoisin/mat2), and the graphical version is called [Metadata Cleaner](https://metadatacleaner.romainvigier.fr/) and is also [open-source](https://gitlab.com/rmnvgr/metadata-cleaner/). Both programs are included in [Tails](/tags/tails/) and [Qubes-Whonix](/posts/qubes/#whonix-and-tor) by default. +Fortunately, there is a tool that comprehensively cleans metadata, and it is available as both a [command line interface](/glossary#command-line-interface-cli) and a graphical user interface. The command line version is called `mat2` and is [open-source](https://0xacab.org/jvoisin/mat2), and the graphical version is called Metadata Cleaner and is also [open-source](https://gitlab.com/rmnvgr/metadata-cleaner/). Both programs are included in [Tails](/tags/tails/) and [Qubes-Whonix](/posts/qubes/#whonix-and-tor) by default. # Using the Metadata Cleaner @@ -29,9 +29,9 @@ If you are not comfortable with the command line, we recommend using Metadata Cl Metadata Cleaner shows the metadata it detects, but "it doesn't mean that a file is clean from any metadata if mat2 doesn't show any. There is no reliable way to detect every single possible metadata for complex file formats." This means that you should clean the file even if no metadata is displayed. -To use the Metadata Cleaner, first add a file. When you click it, the current metadata is displayed. Select the file, then select **Clean**, followed by **Save**. You can verify that the metadata has been removed by re-adding the cleaned file and viewing its metadata. +To use the Metadata Cleaner, first add a file. When you click it, the current metadata is displayed. Select the file, then select **Clean**. You can verify that the metadata has been removed by re-adding the cleaned file and viewing its metadata. -When you clean a PDF file, it is converted to images, so you cannot select the text in it. If you want to retain this ability, there is a *lightweight* cleaning mode that cleans only the superficial metadata of your file, but not the metadata of embedded resources (such as images in the PDF). Embedded resources with metadata can be avoided by using Metadata Cleaner on the images before importing them into the layout software, and by using layout software on Tails or Qubes-Whonix such as Scribus that are generic for those operating systems. You can enable "lightweight mode" in the Metadata Cleaner settings. +When you clean a PDF file, it is converted to images, so the quality is downgraded and you cannot select the text in it. If you want to retain this ability, there is a *lightweight* cleaning mode that cleans only the superficial metadata of your file, but not the metadata of embedded resources (such as images in the PDF). Embedded resources with metadata can be avoided by using Metadata Cleaner on the images before importing them into the layout software, and by using layout software on Tails or Qubes-Whonix such as Scribus that are generic for those operating systems. You can enable "lightweight cleaning" in the Metadata Cleaner settings. Note the limitations of Metadata Cleaner: "mat2 only removes metadata from your files, it does not anonymise their content, nor can it handle watermarking, steganography, or any too custom metadata field/system. If you really want to be anonymous, use file formats that do not contain any metadata, or better: use plain-text." diff --git a/content/posts/qubes/index.md b/content/posts/qubes/index.md index 246567b..52e29bd 100644 --- a/content/posts/qubes/index.md +++ b/content/posts/qubes/index.md @@ -255,9 +255,7 @@ If a Disposable keeps crashing, try to increase the amount of RAM allocated to i # How to Use Disposables -Disposables can be launched from the Applications menu: the disposable is at the top, and the disposable Template is near the bottom. For example, to use a disposable Tor Browser, go to **Application Menu → Disposable: whonix-16-ws-dvm → Tor Browser**. This is how you do all your Tor browsing. If you launch a disposable application, but then want to access the file manager for the same disposable qube, you can do so from the Qubes Domains widget in the top-right corner of the interface. If you were to simply select "Files" from the Applications menu, this would launch another disposable. - -Once you close all the windows of a disposable, the whole disposable is shut down and reset to the state of its Template — any malware that may have been installed is now gone. +Disposables can be launched from the Applications menu, on the Apps tab. For example, to use a disposable Tor Browser, go to **Application Menu: Apps tab → whonix-workstation-17-dvm → Tor Browser**. This is how you do all your Tor browsing. Once you close all the windows of a disposable, the whole disposable is shut down and reset to the state of its Template — any malware that may have been installed is now gone. In contrast, an App qube must be shut down manually (using the Qubes Domains widget), and will persist data in the `/home`, `/usr/local`, and `/rw/config` directory. The next time an App qube boots, all locations in its file system other than these three directories will reflect the state of its Template. See how [inheritance and persistence](https://www.qubes-os.org/doc/templates/#inheritance-and-persistence) works for Templates, App qubes, and disposables for more information.