Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2024-10-01 01:25:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Improve QSB and canary pages

Browse Source 
- Add general descriptions
- Link to Qubes Security Team
- Add headings for lists
- Normalize heading syntax
This commit is contained in:
Andrew David Wong 2021-06-14 21:33:53 -07:00
parent 57006d3242
commit f4a0c5575a
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
2 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
project-security/canaries.md
View File

@ -7,7 +7,14 @@ ref: 208
title: Canaries
---
Qubes Canaries
==============
# Qubes Canaries
Qubes Canaries are published through the [Qubes Security Pack](/security/pack/).
A **Qubes Canary** is a security announcement periodically issued by the [Qubes Security Team](/security/#the-qubes-security-team) through the [Qubes Security Pack](/security/pack/) consisting of several statements to the effect that the signers of the canary have not been compromised.
The idea is that, as long as signed canaries including such statements continue to be published, all is well.
However, if the canaries should suddenly cease, if one or more signers begin declining to sign them, or if the included statements change significantly without plausible explanation, then this may indicate that something has gone wrong.
The name originates from the practice of in which miners would bring caged canaries into coal mines.
If the level of methane gas in the mine reached a dangerous level, the canary would die, indicating to miners that they should evacuate.
See [Wikipedia: warrant canary](https://en.wikipedia.org/wiki/Warrant_canary) for more information, but bear in mind that Qubes canaries are not strictly limited to legal warrants.
## Full list

8
project-security/security-bulletins.md
View File

@ -12,7 +12,9 @@ ref: 218
title: Qubes Security Bulletins (QSBs)
---
Qubes Security Bulletins (QSBs)
===============================
# Qubes Security Bulletins (QSBs)
Qubes Security Bulletins (QSBs) are published through the [Qubes Security Pack](/security/pack/).
A **Qubes Security Bulletin (QSB)** is a security announcement issued by the [Qubes Security Team](/security/#the-qubes-security-team) through the [Qubes Security Pack](/security/pack/).
A QSB typically provides a summary and impact analysis of one or more recently-discovered software vulnerabilities, including details about patching to address them.
## Full list