Commit Graph

164 Commits

Author SHA1 Message Date
awokd
646aa7d5f5
Update firewall.md 2018-02-02 15:15:06 +00:00
awokd
1a6c777d8b
split-gpg update package utilities
yum -> dnf
apt-get -> apt
2018-02-02 13:40:40 +00:00
awokd
019b577b45
multifactor-authentication update fedora version
and yum -> dnf
2018-02-02 13:28:58 +00:00
awokd
6a631651d6
firewall 4.0 updates 2018-02-02 13:06:10 +00:00
awokd
922340303e
security-guidelines 4.0 update
yum -> dnf
Replace R3.x specific description of treatment of template's home directory with link to /doc/template
2018-02-01 14:59:45 +00:00
mossy-nw
2602af7bc1
Update split-gpg.md 2018-01-19 13:21:10 +00:00
Speedy Gonzales
58ef892234
made it a bit clearer 2018-01-12 13:59:28 +01:00
Christopher Laprise
d63cc59595
Remove -n from echo 2018-01-11 16:57:38 -05:00
Christopher Laprise
ca170fd8ee
Add policy parameter for R4.0 2018-01-10 14:39:38 -05:00
William Pierce
9408f8d2ee Consistently use the term "third-party" 2017-12-07 22:43:04 -06:00
Andrew David Wong
57ef6d7779
Update links to new FAQ (QubesOS/qubes-issues#2704) 2017-11-15 22:38:48 -06:00
Andrew David Wong
aa11899db7
Merge branch 'patch-39' of https://github.com/adrelanos/qubes-doc into adrelanos-patch-39 2017-11-14 20:41:13 -06:00
Andrew David Wong
7f36b07e45
Merge branch 'patch-36' of https://github.com/adrelanos/qubes-doc into adrelanos-patch-36 2017-11-14 20:37:50 -06:00
Patrick Schleizer
353c8e8416
more useful link for USB keyboard 2017-11-15 02:59:41 +01:00
Patrick Schleizer
6c76f98d45
more verbose instructions for Locking the screen when YubiKey is removed 2017-11-14 00:46:52 +01:00
Patrick Schleizer
4b2d611965
improve usage instructions 2017-11-14 00:39:28 +01:00
Miguel Jacq
408aef3941
Fix conflicts introduced from new changes in master branch 2017-11-01 14:00:00 +11:00
Andrew David Wong
0331740993
Merge branch 'split-bitcoin-wallet-fedora' of https://github.com/thomaskey/qubes-doc into thomaskey-split-bitcoin-wallet-fedora 2017-10-27 20:50:00 -05:00
Andrew David Wong
e67088f3bd
Revert "attacker emailing himself" sentence for clarity 2017-10-26 21:29:16 -05:00
Andrew David Wong
7af0784363
Merge branch 'patch-24' of https://github.com/stubbybubby/qubes-doc into stubbybubby-patch-24 2017-10-26 21:21:12 -05:00
Thomas Chiantia
5bdec5234b
Update split-bitcoin.md
Signed-off-by: thomas <thomas.chiantia@gmail.com>
2017-10-22 10:18:50 -04:00
thomas
2f73914e54 debian-8-backports electrum has bug, use fedora-25? 2017-10-19 16:01:35 -04:00
Robin Schneider
8ef2335394
Fix root shell PS1 in security/split-gpg
The first command invokes a `bash` shell with elevated rights. The `echo`
file redirection would not work as normal `user`.
2017-10-09 22:17:07 +02:00
Andrew David Wong
99fdbf29b4
Update examples from fedora-24 to fedora-25 2017-07-29 21:21:25 -05:00
Christopher Laprise
b27f90d74f
Fix auth for 'su' command 2017-07-12 15:07:13 -04:00
Miguel Jacq
3ab0832ba7
fix my own spelling mistake... 2017-05-25 17:14:49 +10:00
Miguel Jacq
d3855827f1
More typo/grammar/re-wording from @jpouellet's review 2017-05-25 16:43:11 +10:00
Dean V
f572f00826 Edit + Disagreement
Did some prosaic editing:
* Removed unnecessary parentheses
* Shortened long sentences
* Wording changes.
* Removed restatements of earlier sentences
Also, this document made the following error about cooperative covert leaking channels in Qubes OS:

> It is likely that the only way to **fully protect against leaks of type 1** and 2 is to either pause or shut down all other VMs while performing sensitive operations in the target VM(s) (such as key generation).

This is wrong. Closing the other VMs while performing such important activities does nothing to stop leaks in type 1, assuming you turn the other VMs back on at some point. The (presumably compromised) AppVM in question can easily write the information it needs to leak down until the other Qubes come back online. Inserted a new sentence clarifying this.
2017-05-17 19:54:15 -07:00
fortasse
8f8384c6e9 Fix redirect loop in /doc/firewall/ 2017-05-13 21:09:39 -04:00
Miguel Jacq
c5f4957ee2
more minor typo/grammar fixes 2017-05-12 15:58:22 +10:00
Miguel Jacq
2f369c1309
more minor typo/grammar fixes 2017-05-12 10:12:02 +10:00
Miguel Jacq
db13ef5a33
Various minor spelling and grammar fixes 2017-05-11 18:48:59 +10:00
Marek Marczykowski-Górecki
1e5bdb770a
Merge remote-tracking branch 'origin/pr/408' into https
* origin/pr/408:
  Update firewall.md
2017-05-06 23:38:03 +02:00
InstantGratimification
66b604ea5a Update firewall.md 2017-05-03 15:11:44 +00:00
InstantGratimification
b3dcea40a8 http -> https + blogspot -> https://blog.invisiblethings.org 2017-05-03 14:49:41 +00:00
InstantGratimification
053164de28 Update anti-evil-maid.md 2017-05-03 10:04:52 +00:00
stubbybubby
469ca0c5e2 Revert previous commit
That was weird. Iw as sure they were dead links.
2017-04-17 17:11:51 -07:00
stubbybubby
23726eb505 Remove dead links
Removed some dead links in the introduction.
2017-04-16 19:33:19 -07:00
stubbybubby
44f8c8eb7c Edit expose-like-effect part
Updated the paragraphs to reflect the current desktop environment of QubesOS.
2017-04-16 16:55:38 -07:00
stubbybubby
848ee837e8 Modified introduction
Removed the reference to the original older qubesos introduction and made the introduction of this article a standalone statement.
2017-04-16 15:20:21 -07:00
stubbybubby
7569cf3b95 Add disclaimer and clarifications about signatures
Wrote a paragraph or two about verifying the QubesOS ISO signature and wrote a disclaimer that Qubes does not automatically verify external downloads not coming from its own repositories.
2017-04-16 15:09:04 -07:00
stubbybubby
824618d805 Edit/Rewrite security-guidelines.md
A few content changes, read over them to see if you like them:
* A few sentences were reworded so that end users could understand them better, without sacrificing detail. 
* Sometimes more detail was added to give context to sentences or to make them more accurate.
* New sentences were added to help transitions in thought.
* New sentences were added to provide reasoning to earlier instructions so that the reader knew why they were important.

None of these content changes were particularly extensive or clashed with the original paper but they do change the meaning a bit, so I thought it important to document them.

Other changes:
* Subject-verb agreement
* Corrected some parentheses placements
* Misc. Grammar Fixes
* Inserted forgotten commas and periods
* Word variation
* Rework on some sentences that had really roundabout ways of saying things

In addition to my PR being a big edit, it is also on an important document. I have looked over my changes well and I know you will too. Reply if anything needs fixing/changing in the PR.

I have more changes that I want to add, but I figured I had edited the document enough already and if I added anythign else or made more extensive modifications it might be hard to tell what exactly I did.
2017-04-15 22:34:37 -07:00
ddcrjlalumiere
b8bac33169 Directly link to HCL 2017-03-21 15:54:32 -04:00
Andrew David Wong
8ab0a855bd
Reorganize security info pages 2017-03-18 19:31:12 -07:00
Michael Carbone
a8af17352c made more clear dom0 vs template commands
based on user error/feedback at training
2017-01-26 17:42:49 -05:00
Andrew David Wong
740b138532
AEM known issue: incompatible with SSD cache 2017-01-03 13:39:04 -08:00
Andrew David Wong
658e02cc50
Update Xen bug count in sudoers comment
Closes QubesOS/qubes-issues#2480
2016-12-04 16:30:33 -08:00
Andrew David Wong
3918733e29
Fix broken link 2016-11-30 20:22:05 -08:00
Andrew David Wong
8cd05ef837
Fix code block formatting
https://github.com/QubesOS/qubes-doc/pull/228#issuecomment-263232368
2016-11-28 02:35:21 -08:00
Andrew David Wong
5e107f5fa0
Merge branch 'patch-8' of https://github.com/tasket/qubes-doc into tasket-patch-8 2016-11-27 16:27:57 -08:00
tasket
76ecc09a9d Update vm-sudo.md
Specify service actions instead of globbing.
2016-11-26 21:38:48 -05:00
Andrew David Wong
fbcf95e21c
Move project security pages to separate directory 2016-11-26 02:12:28 -08:00
Andrew David Wong
ab10f7fb60
Update Fedora version number in examples 2016-11-23 15:38:09 -08:00
Andrew David Wong
b5aaccb4f3
Update qubes-secpack page
* Replace "QSP" with "qubes-secpack"
  (We should only have one official short name for it.)
* Note that the repo itself is independent of the host
  (currently GitHub)
* Minor text cleanup
2016-11-22 14:33:56 -08:00
Andrew David Wong
740aa6d4a4
Add QSB 27 2016-11-22 06:00:21 -08:00
tasket
5dd89f912d Additional step for Whonix
Per this discussion, https://forums.whonix.org/t/fixing-whonix-boot-issue-after-securing-qubes-root-auth/3155/8

Whonix executes sudo commands in non-root startup scripts which causes pop-up auth prompts to appear while Whonix VMs are starting. The problem is partly due to sudo parsing sudoers.d entries in alphabetical order, and some later configs cause earlier ones to get overridden. Adding the right permissions to a lexically 'last' filename resolves the issue.
2016-11-22 05:34:48 -05:00
unman
ccbb26f5cc Correct typo in vm-sudo.md 2016-11-15 20:55:29 +00:00
Andrew David Wong
2d07f7831c
Change "/doc/qubes-firewall/" to "/doc/firewall/" 2016-11-12 12:39:24 -08:00
Andrew David Wong
28aee1d10f
Fix link and clean up text 2016-11-09 14:54:09 -08:00
unman
321e2da1cb Update qubes-firewall.md-include limit on iptables
QubesOS/qubes-issues#1570 refers
2016-11-08 18:15:36 +00:00
Andrew David Wong
37b9e3c361 Rewrite to avoid pronouns entirely 2016-10-20 16:15:31 -07:00
Michael Carbone
2b65809ad3 removed gendered language 2016-10-20 19:28:12 +02:00
Marek Marczykowski-Górecki
e02030119e
Fix internal links 2016-09-25 01:25:34 +02:00
Andrew David Wong
d3f1a13718
Add QSB 26 2016-09-21 10:56:55 -07:00
Andrew David Wong
3a9cbd7b8a
Add QSB 25 2016-09-17 14:00:55 -07:00
Andrew David Wong
55aa8be670
Strengthen disclaimer; clean up text and formatting 2016-08-26 23:58:02 -07:00
Andrew David Wong
5cacc4aa71
Merge branch 'master' of git://github.com/crat0z/qubes-doc into crat0z-master 2016-08-26 23:51:57 -07:00
John Bernard
45b2ccc7b0 Fix broken link
The URL https://www.networkworld.com/news/2007/080207-black-hat-virtual-machine-rootkit-detection.html is a broken link -- presenting an error "Page not found" upon request. However, there exists an archive of this article on archive.org, and I have updated the URL to point to the archive.
2016-08-15 11:50:11 -05:00
crat0z
4e4ecad0be Add Dom0 prompt for root in Debian/Whonix VMs 2016-08-08 16:47:35 -04:00
Andrew David Wong
4f5adaf94d
Provide location of XML file containing firewall rules 2016-07-30 16:55:25 -07:00
xloem
8b488234eb Fix for #2206 2016-07-29 19:56:25 +00:00
Andrew David Wong
4e745b374e
Add QSB 24 to Security Bulletins page 2016-07-27 13:49:58 -07:00
Andrew David Wong
859af9be03
Fix formatting and orthography 2016-07-21 15:09:30 -07:00
clayton
e259037ec3 more /rw/config/ script tweaks 2016-07-20 20:26:17 +08:00
clayton
c44b8a13c9 Add a specific note about where to put iptables in /rw/config/ 2016-07-19 20:09:06 +08:00
Andrew David Wong
d32a013301
Avoid implying that the fund is only for donations 2016-07-13 04:34:51 -07:00
Andrew David Wong
ab15b144f8
Revise and update Qubes Security Pack page
* Add instructions for verifying Git tags
* Explain rationale for providing two methods of verification
* Update warrant canary link (Canary Watch has shut down)
* State that the QSP now contains Bitcoin fund info
* Fix "ó" in Marek's name
* Remove full CLI prompt (for uniformity with rest of site)
* Remove instructions for reading text files (unnecessary)
* Reorder list of QSP contents (move PGP keys to top, since
  verification of everything else depends on them)
2016-07-13 04:21:37 -07:00
Andrew David Wong
fabb7b17d3
Add notes regarding private and public key management 2016-07-08 20:39:18 -07:00
Michael Carbone
b4ade4156f added content 2016-07-05 11:38:17 +00:00
Andrew David Wong
fdeab1e478 Merge pull request #146 from kulinacs/split-git
Fixed Style in Split Git Documentation
2016-05-25 01:16:25 -07:00
Andrew David Wong
4e09178199
Update heading of configuration section 2016-05-25 01:03:38 -07:00
Nicklaus McClendon
c785d3785f
Fixed Style in Split Git Documentation
Put filenames and commands in between back ticks to match the style
of the rest of the documentation.
2016-05-25 03:03:27 -05:00
Andrew David Wong
9ebcfd1a6f
Change heading and heading level of Thunderbird section 2016-05-25 01:02:59 -07:00
Andrew David Wong
e4b660f30b
Change heading and heading level of Git section
QubesOS/qubes-issues#1964
2016-05-25 00:59:34 -07:00
Andrew David Wong
5aa7b555d5
Explain usage of git tag aliases 2016-05-24 17:37:44 -07:00
Andrew David Wong
3d9c2d177b
Don't hardcode my initials into your git tag alias :) 2016-05-24 17:30:26 -07:00
Nicklaus McClendon
f6ee88bd49
Added Split-GPG for Git documentation
Fixes QubesOS/qubes-issues#1964. Updated the documentation with the information
from the issue and included information on signing and verifying tags.
2016-05-24 16:47:32 -05:00
Andrew David Wong
0865bda472
Start Split Bitcoin page (QubesOS/qubes-issues#1966) 2016-05-20 14:17:34 -07:00
Axon
a133649a11
Fix code block syntax 2016-04-13 17:01:53 +00:00
Axon
c489f1db03
Rewrap some lines 2016-03-14 08:12:54 +00:00
Axon
c5673a5597
Remove extra space 2016-03-14 08:11:05 +00:00
Axon
9d02126d03
Clean up and update Split-GPG page
* Remove old and deprecated content.
* Edit and clarify language.
* Include helpful references.
* Add specific troubleshooting tips.
* Convert to reference-style links.
2016-03-14 08:06:44 +00:00
Axon
5d1bdaede5
Remove deprecated open-pgp page; redirect to split-gpg 2016-03-14 07:32:28 +00:00
William Robinet
7347b38834 fix typos 2016-02-21 19:07:55 +01:00
Alex Dubois
991f197a53 simplified title 2016-02-07 19:14:07 +00:00
Alex Dubois
df2d26ebbd 80 columns and simplified my last part and good script 2016-02-07 19:09:25 +00:00
Axon
9d59c48aa7
Reorganize USB-related information
This commit creates a single, central page (/doc/usb/) for all
USB-related information by combining stick-mounting.md with the
manual USB qube (formerly known as "USBVM") creation procedure
from security-guidelines.md. It rewrites the content from both of
those and adds the content requested in QubesOS/qubes-issues#1690.
It also redirects /doc/usbvm/ away from the ancient page on PVUSB.
2016-01-28 12:02:39 +00:00
r00t
0baa097f9b Fix a few typos 2016-01-10 18:41:30 -05:00
Christophe Troestler
346c2aca54 Fix typo 2016-01-09 00:52:56 +01:00
Axon
673a278752
Add QSB #23 (fixes QubesOS/qubes-issues#1583) 2016-01-05 04:18:05 +00:00