Commit Graph

2108 Commits

Author SHA1 Message Date
Patrick Schleizer
52c46e4706
Merge remote-tracking branch 'github-kicksecure/master' 2022-07-09 11:37:41 -04:00
Patrick Schleizer
dc41a58102
Merge pull request #108 from Krish-sysadmin/master
Continue for loop if unable to change one directory's permission
2022-07-09 11:37:57 -04:00
Patrick Schleizer
1b8500cc22
bumped changelog version 2022-07-07 17:41:13 -04:00
Patrick Schleizer
277749f27b
genmkfile debinstfile 2022-07-07 15:49:08 -04:00
Patrick Schleizer
eb8535fe87
renamed: usr/bin/disabled-by-security-misc -> bin/disabled-by-security-misc 2022-07-07 15:48:39 -04:00
Patrick Schleizer
26b2c9727f
not blacklist CD-ROM / DVD yet
https://forums.whonix.org/t/blacklist-more-kernel-modules-to-reduce-attack-surface/7989/31
2022-07-07 15:39:40 -04:00
Patrick Schleizer
d5c1650341
shuffle 2022-07-07 15:28:09 -04:00
Patrick Schleizer
ca19d78d48
shuffle 2022-07-07 15:27:15 -04:00
Patrick Schleizer
d018bdaf73
Merge remote-tracking branch 'raja-gerwal/master' 2022-07-07 15:26:08 -04:00
Raja Grewal
780dc8eec9
replace /bin/false -> /bin/disabled-by-security-misc 2022-07-08 04:11:25 +10:00
Raja Grewal
fa2e30f512
Updated descriptions of disabled modules 2022-07-08 03:04:37 +10:00
Raja Grewal
da389d6682
Revert "replace /bin/false -> /bin/true"
This reverts commit f0511635a9.
2022-07-08 02:12:04 +10:00
raja-grewal
28381e81d4
Update README.md 2022-07-07 09:28:30 +00:00
raja-grewal
f0511635a9
replace /bin/false -> /bin/true 2022-07-07 09:27:53 +00:00
raja-grewal
18d67dbc53
Blacklist more modules 2022-07-07 09:26:55 +00:00
Patrick Schleizer
1b287a6430
bumped changelog version 2022-07-05 11:16:33 -04:00
Patrick Schleizer
92ff868ece
readme 2022-07-05 11:05:36 -04:00
Patrick Schleizer
b8ba608535
readme 2022-07-05 10:57:28 -04:00
Patrick Schleizer
949edf3e17
readme 2022-07-05 10:48:58 -04:00
Patrick Schleizer
1c0e071948
comments 2022-07-05 10:45:55 -04:00
Patrick Schleizer
5d47f5f74c
comments 2022-07-05 10:45:09 -04:00
Patrick Schleizer
435c689cf9
comments 2022-07-05 10:44:28 -04:00
Patrick Schleizer
c20d588d78
comments 2022-07-05 10:42:37 -04:00
Patrick Schleizer
8f03ce049a
readme 2022-07-05 10:41:55 -04:00
Patrick Schleizer
b342ce930e
add /etc/default/grub.d/40_cold_boot_attack_defense.cfg 2022-07-05 10:28:22 -04:00
Krish-sysadmin
e5f8004a94
Update hide-hardware-info 2022-07-05 03:37:40 +02:00
Patrick Schleizer
69af8be7b8
drop_caches before and after sdmem 2022-07-02 19:10:55 -04:00
Patrick Schleizer
67bdd58bf2
sync 2022-07-02 19:07:06 -04:00
Patrick Schleizer
01b82bf0f0
bumped changelog version 2022-07-02 18:30:06 -04:00
Patrick Schleizer
973f117aa6
wipe RAM at shutdown: Ensure any remaining disk cache is erased by Linux' memory poisoning
by running:
`echo 3 > /proc/sys/vm/drop_caches`

Inspired by Tails:
https://gitlab.tails.boum.org/tails/tails/-/blob/master/config/chroot_local-includes/usr/local/lib/initramfs-pre-shutdown-hook
2022-07-02 18:12:36 -04:00
Patrick Schleizer
e783ddc71e
bumped changelog version 2022-07-02 17:37:16 -04:00
Patrick Schleizer
95187bd357
fix 2022-07-02 17:21:33 -04:00
Patrick Schleizer
3bd87d019f
bumped changelog version 2022-07-02 16:03:52 -04:00
Patrick Schleizer
148a050468
fix 2022-07-02 16:03:45 -04:00
Patrick Schleizer
82e7863d5b
improvement 2022-07-02 16:02:28 -04:00
Patrick Schleizer
aebca1b3dc
bumped changelog version 2022-07-02 15:52:08 -04:00
Patrick Schleizer
1144b39e5e
debugging 2022-07-02 15:50:59 -04:00
Patrick Schleizer
c29b21c08a
output 2022-07-02 15:45:19 -04:00
Patrick Schleizer
ed8ce9a7d0
bumped changelog version 2022-07-02 15:32:51 -04:00
Patrick Schleizer
d34fe21963
fix 2022-07-02 15:32:42 -04:00
Patrick Schleizer
7a448e01a1
bumped changelog version 2022-07-02 14:27:04 -04:00
Patrick Schleizer
32fdcf522b
- introduce wiperam=skip kernel parameter to skip wipe ram
- introduce `wiperam=force` kernel parameter to force wipe ram inside VMs
2022-06-30 14:47:45 -04:00
Patrick Schleizer
036f518ddc
improvement 2022-06-30 13:56:29 -04:00
Patrick Schleizer
0e2fae2b69
skip ram wipe inside VMs
https://forums.whonix.org/t/is-ram-wipe-possible-inside-whonix-cold-boot-attack-defense/5596/40
2022-06-30 13:50:18 -04:00
Patrick Schleizer
e06405c7be
undo 2022-06-29 16:56:16 -04:00
Patrick Schleizer
1b97d9cb76
fix 2022-06-29 16:30:31 -04:00
Patrick Schleizer
26be74bfe5
bumped changelog version 2022-06-29 16:25:07 -04:00
Patrick Schleizer
92c543e71f
output 2022-06-29 16:24:52 -04:00
Patrick Schleizer
d4161b2748
output 2022-06-29 16:23:42 -04:00
Patrick Schleizer
1ce7b27297
improvement 2022-06-29 16:23:12 -04:00