Merge branch 'QubesOS:main' into toki-newlines

project-security/verifying-signatures.md

@@ -375,11 +375,11 @@ by the QMSK:
 
 ```shell_session
 $ gpg2 --check-signatures "Qubes OS Release X Signing Key"
-pub   rsa4096 2017-03-06 [SC]
+pub   rsa4096 YYYY-MM-DD [SC]
-      5817A43B283DE5A9181A522E1848792F9E2795E9
+      XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 uid           [  full  ] Qubes OS Release X Signing Key
-sig!3        1848792F9E2795E9 2017-03-06  Qubes OS Release X Signing Key
+sig!3        XXXXXXXXXXXXXXXX YYYY-MM-DD  Qubes OS Release X Signing Key
-sig!         DDFA1A3E36879494 2017-03-08  Qubes Master Signing Key
+sig!         DDFA1A3E36879494 YYYY-MM-DD  Qubes Master Signing Key
 
 gpg: 2 good signatures
 ```
@@ -397,9 +397,9 @@ As a final sanity check, make sure the RSK is in your keyring with the correct
 trust level:
 
 ```shell_session
-$ gpg2 -k "Qubes OS Release"
+$ gpg2 -k "Qubes OS Release X Signing Key"
-pub   rsa4096 2017-03-06 [SC]
+pub   rsa4096 YYYY-MM-DD [SC]
-      5817A43B283DE5A9181A522E1848792F9E2795E9
+      XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 uid           [  full  ] Qubes OS Release X Signing Key
 ```
 
@@ -533,7 +533,7 @@ $ gpg2 -v --verify Qubes-RX-x86_64.iso.DIGESTS
 gpg: armor header: Hash: SHA256
 gpg: armor header: Version: GnuPG v2
 gpg: original file name=''
-gpg: Signature made Tue 20 Sep 2016 10:37:03 AM PDT using RSA key ID 03FA5082
+gpg: Signature made <TIME> using RSA key ID 03FA5082
 gpg: using PGP trust model
 gpg: Good signature from "Qubes OS Release X Signing Key"
 gpg: textmode signature, digest algorithm SHA256
@@ -578,7 +578,7 @@ executing this GPG command in the directory that contains both files:
 ```shell_session
 $ gpg2 -v --verify Qubes-RX-x86_64.iso.asc Qubes-RX-x86_64.iso
 gpg: armor header: Version: GnuPG v1
-gpg: Signature made Tue 08 Mar 2016 07:40:56 PM PST using RSA key ID 03FA5082
+gpg: Signature made <TIME> using RSA key ID 03FA5082
 gpg: using PGP trust model
 gpg: Good signature from "Qubes OS Release X Signing Key"
 gpg: binary signature, digest algorithm SHA256
@@ -698,8 +698,8 @@ Qubes ISOs](#how-to-verify-detached-pgp-signatures-on-qubes-isos).)
 
 ```shell_session
 $ dd if=/dev/sdX bs=1M count=<ISO_SIZE> iflag=count_bytes | gpg -v --verify Qubes-RX-x86_64.iso.asc -
-gpg: Signature made Thu 14 Jul 2022 08:49:38 PM PDT
+gpg: Signature made <TIME>
-gpg:                using RSA key 5817A43B283DE5A9181A522E1848792F9E2795E9
+gpg:                using RSA key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 gpg: using pgp trust model
 gpg: Good signature from "Qubes OS Release X Signing Key" [full]
 gpg: binary signature, digest algorithm SHA256, key algorithm rsa4096

user/downloading-installing-upgrading/supported-releases.md

@@ -57,7 +57,7 @@ It is the responsibility of each distribution to clearly notify its users in adv
 
 | Qubes OS    | Fedora | Debian |
 | ----------- | ------ | ------ |
-| Release 4.2 | 39, 40 | 12     |
+| Release 4.2 | 40, 41 | 12     |
 
 ### Note on Debian support
 

user/hardware/certified-hardware.md

@@ -25,53 +25,65 @@ Qubes-certified computers are certified for a [major release](/doc/version-schem
 
 The current Qubes-certified models are listed below in reverse chronological order of certification.
 
+### NitroPad V56
+
+[![Photo of the NitroPad V56](/attachment/site/nitropad-v56.png)](https://shop.nitrokey.com/shop/nitropad-v56-684)
+
+The [NitroPad V56](https://shop.nitrokey.com/shop/nitropad-v56-684) is certified for Qubes OS Release 4.
+
+### NovaCustom V56 Series 16.0 inch coreboot laptop
+
+[![Photo of the NovaCustom V56 Series 16.0 inch coreboot laptop](/attachment/site/novacustom-v56-series.png)](https://novacustom.com/product/v56-series/)
+
+The [NovaCustom V56 Series 16.0 inch coreboot laptop](https://novacustom.com/product/v56-series/) is certified for Qubes OS Release 4.
+
 ### NitroPC Pro 2
 
 [![Photo of the NitroPC Pro 2](/attachment/posts/nitropc-pro.jpg)](https://shop.nitrokey.com/shop/nitropc-pro-2-523)
 
-The [NitroPC Pro 2](https://shop.nitrokey.com/shop/nitropc-pro-2-523) is a desktop based on the MSI PRO Z790-P DDR5 motherboard. It is certified for Qubes OS 4.
+The [NitroPC Pro 2](https://shop.nitrokey.com/shop/nitropc-pro-2-523) is a desktop based on the MSI PRO Z790-P DDR5 motherboard. It is certified for Qubes OS Release 4.
 
 ### Star Labs StarBook
 
 [![Photo of the Star Labs StarBook](/attachment/site/starlabs-starbook.png)](https://starlabs.systems/pages/starbook)
 
-The [Star Labs StarBook](https://starlabs.systems/pages/starbook) is a 14-inch laptop. It is certified for Qubes OS 4.
+The [Star Labs StarBook](https://starlabs.systems/pages/starbook) is a 14-inch laptop. It is certified for Qubes OS Release 4.
 
 ### NitroPC Pro
 
 [![Photo of the NitroPC Pro](/attachment/posts/nitropc-pro.jpg)](https://shop.nitrokey.com/shop/product/nitropc-pro-523)
 
-The [NitroPC Pro](https://shop.nitrokey.com/shop/product/nitropc-pro-523) is a desktop based on the MSI PRO Z690-A DDR5 motherboard. It is certified for Qubes OS 4.
+The [NitroPC Pro](https://shop.nitrokey.com/shop/product/nitropc-pro-523) is a desktop based on the MSI PRO Z690-A DDR5 motherboard. It is certified for Qubes OS Release 4.
 
 ### NovaCustom NV41 Series
 
 [![Photo of the NovaCustom NV41 Series](/attachment/site/novacustom-nv41-series.png)](https://novacustom.com/product/nv41-series/)
 
-The [NovaCustom NV41 Series](https://novacustom.com/product/nv41-series/) is a 14-inch custom laptop. It is certified for Qubes OS 4.
+The [NovaCustom NV41 Series](https://novacustom.com/product/nv41-series/) is a 14-inch custom laptop. It is certified for Qubes OS Release 4.
 
 ### Dasharo FidelisGuard Z690
 
 [![Photo of the Dasharo FidelisGuard Z690](/attachment/site/dasharo-fidelisguard-z690.jpg)](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/)
 
-The [Dasharo FidelisGuard Z690](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/) is a desktop based on the MSI PRO Z690-A DDR4 motherboard. It is certified for Qubes OS 4.
+The [Dasharo FidelisGuard Z690](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/) is a desktop based on the MSI PRO Z690-A DDR4 motherboard. It is certified for Qubes OS Release 4.
 
 ### NitroPad T430
 
 [![Photo of the NitroPad T430](/attachment/site/nitropad-t430.jpg)](https://shop.nitrokey.com/shop/product/nitropad-t430-119)
 
-The [NitroPad T430](https://shop.nitrokey.com/shop/product/nitropad-t430-119) is a laptop based on the ThinkPad T430. It is certified for Qubes OS 4.
+The [NitroPad T430](https://shop.nitrokey.com/shop/product/nitropad-t430-119) is a laptop based on the ThinkPad T430. It is certified for Qubes OS Release 4.
 
 ### NitroPad X230
 
 [![Photo of the NitroPad X230](/attachment/site/nitropad-x230.jpg)](https://shop.nitrokey.com/shop/product/nitropad-x230-67)
 
-The [NitroPad X230](https://shop.nitrokey.com/shop/product/nitropad-x230-67) is a laptop based on the ThinkPad X230. It is certified for Qubes OS 4.
+The [NitroPad X230](https://shop.nitrokey.com/shop/product/nitropad-x230-67) is a laptop based on the ThinkPad X230. It is certified for Qubes OS Release 4.
 
 ### Insurgo PrivacyBeast X230
 
 [![Photo of the Insurgo PrivacyBeast X230](/attachment/site/insurgo-privacybeast-x230.png)](https://insurgo.ca/produit/qubesos-certified-privacybeast_x230-reasonably-secured-laptop/)
 
-The [Insurgo PrivacyBeast X230](https://insurgo.ca/produit/qubesos-certified-privacybeast_x230-reasonably-secured-laptop/) is a laptop based on the ThinkPad X230. It is certified for Qubes OS 4.
+The [Insurgo PrivacyBeast X230](https://insurgo.ca/produit/qubesos-certified-privacybeast_x230-reasonably-secured-laptop/) is a laptop based on the ThinkPad X230. It is certified for Qubes OS Release 4.
 
 ## Become hardware certified
 

user/hardware/system-requirements.md

@@ -33,9 +33,13 @@ title: System requirements
 
 ## Recommended
 
-- **CPU:** 64-bit Intel or AMD processor (also known as `x86_64`, `x64`, and `AMD64`)
+- **CPU:** 64-bit Intel processor (also known as `x86_64`, `x64`, and `Intel 64`)
-  - [Intel VT-x](https://en.wikipedia.org/wiki/X86_virtualization#Intel_virtualization_.28VT-x.29) with [EPT](https://en.wikipedia.org/wiki/Second_Level_Address_Translation#Extended_Page_Tables) or [AMD-V](https://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29) with [RVI](https://en.wikipedia.org/wiki/Second_Level_Address_Translation#Rapid_Virtualization_Indexing)
+  - [Intel VT-x](https://en.wikipedia.org/wiki/X86_virtualization#Intel_virtualization_.28VT-x.29) with [EPT](https://en.wikipedia.org/wiki/Second_Level_Address_Translation#Extended_Page_Tables)
-  - [Intel VT-d](https://en.wikipedia.org/wiki/X86_virtualization#Intel-VT-d) or [AMD-Vi (also known as AMD IOMMU)](https://en.wikipedia.org/wiki/X86_virtualization#I.2FO_MMU_virtualization_.28AMD-Vi_and_Intel_VT-d.29)
+  - [Intel VT-d](https://en.wikipedia.org/wiki/X86_virtualization#Intel-VT-d)
+  - For security, we recommend processors that are recent enough to still be
+    receiving microcode updates (see [below](#important-updates) for details).
+  - AMD processors are not recommended due to inconsistent security support on
+    client platforms (see [below](#important-updates) for details).
 
 - **Memory:** 16 GB RAM
 
@@ -44,9 +48,9 @@ title: System requirements
 
 - **Graphics:** Intel integrated graphics processor (IGP) strongly recommended
   - Nvidia GPUs may require significant
-    [troubleshooting](/doc/install-nvidia-driver/)
+    [troubleshooting](/doc/install-nvidia-driver/).
   - AMD GPUs have not been formally tested, but Radeons (especially RX580 and
-    earlier) generally work well
+    earlier) generally work well.
 
 - **Peripherals:** A non-USB keyboard or multiple USB controllers
 
@@ -84,6 +88,58 @@ We recommend consulting these resources when selecting hardware for Qubes OS:
 - **Installing Qubes in a virtual machine is not recommended, as it uses its
   own bare-metal hypervisor (Xen).**
 
+- There is a class of security vulnerabilities that can be fixed only by
+  microcode updates. If your computer or the CPU in it no longer receives
+  microcode updates (e.g., because it is too old), it may not be possible for
+  some of these vulnerabilities to be mitigated on your system, leaving you
+  vulnerable. For this reason, we recommend using Qubes OS on systems that are
+  still receiving microcode updates. Nonetheless, Qubes OS **can** run on
+  systems that no longer receive microcode updates, and such systems will still
+  offer significant security advantages over conventional operating systems on
+  the same hardware.
+
+  Intel maintains a
+  [list](https://www.intel.com/content/www/us/en/support/articles/000022396/processors.html)
+  of end-of-support dates for its processors. However, this list seems to
+  include only processors that are no longer supported or will soon no longer
+  be supported. Many newer Intel processors are missing from this list. To our
+  knowledge, Intel does not announce end-of-support dates for its newer
+  processors in advance, nor does it have a public policy governing how long
+  support will last.
+
+- Intel and AMD handle microcode updates differently, which has significant
+  security implications. On Intel platforms, microcode updates can typically be
+  loaded from the operating system. This allows the Qubes security team to
+  respond rapidly to new vulnerabilities by shipping microcode updates alongside
+  other security updates directly to users. By contrast, on AMD client (as
+  opposed to server) platforms, microcode updates are typically shipped only as
+  part of system firmware and generally cannot be loaded from the operating
+  system. This means that AMD users typically must wait for:
+  
+  1. AMD to distribute microcode updates to original equipment manufacturers
+  (OEMs), original design manufacturers (ODMs), and motherboard manufacturers
+  (MB); and
+  2. The user's OEM, ODM, or MB to provide a suitable BIOS or (U)EFI update for
+  the user's system.
+  
+  Historically, AMD has often been slow to complete step (1), at least for its
+  client (as opposed to server) platforms. In some cases, AMD has made fixes
+  available for its server platforms very shortly after a security embargo was
+  lifted, but it did not make fixes available for client platforms facing the
+  same vulnerability until weeks or months later. (A "security embargo" is the
+  practice of avoiding public disclosure of a security vulnerability prior to a
+  designated date.) By contrast, Intel has consistently made fixes available for
+  new CPU vulnerabilities across its supported platforms very shortly after
+  security embargoes have been lifted.
+
+  Step (2) varies by vendor. Many vendors fail to complete step (2) at all,
+  while some others take a very long time to complete it.
+  
+  The bottom line is that Qubes OS **can** run on AMD systems, and the Qubes and
+  Xen security teams do their best to provide security support for AMD systems.
+  However, without the ability to ship microcode updates, there is only so much
+  they can do.
+
 - Qubes **can** be installed on many systems that do not meet the recommended
   requirements. Such systems will still offer significant security improvements
   over traditional operating systems, since things like GUI isolation and