Git-Mirrors/thgtoa
1
0
Fork 0
mirror of https://github.com/Anon-Planet/thgtoa.git synced 2024-08-05 09:45:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add explanation to why verification should not be skipped

Browse Source
This commit is contained in:
Alex Anderson 2022-05-11 02:03:39 +00:00
parent 9d01ae480b
commit c5c1898bea
No known key found for this signature in database
GPG Key ID: 0C216A52F6DF4920
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
guide.md
View File

@ -4934,7 +4934,7 @@ We will follow the instructions from their own guide <https://www.qubes-os.org/d
- If you want to use Tor over VPN or cannot use any of those, leave it unchecked.
- Be absolutely sure that you are verifying the signature of the ISO, which you can find on this page: <https://www.qubes-os.org/security/verifying-signatures/> <sup>[[Archive.org]][1367]</sup>. Check by obtaining the fingerprint from multiple independent sources in several different ways as recommended. This is to ensure the image has not been tampered with. Do not skip this vital step even though we know we are getting the ISO from a trusted source.
- Be absolutely sure that you are verifying the signature of the ISO, which you can find on this page: <https://www.qubes-os.org/security/verifying-signatures/> <sup>[[Archive.org]][1367]</sup>. Check by obtaining the fingerprint from multiple independent sources in several different ways as recommended. This is to ensure the image has not been tampered with. Do not skip this vital step even though we know we are getting the ISO from a trusted source, because it's possible for the Qubes website to be compromised.
- If you cannot use Tor at all, there is also no point in installing Whonix. So, you should disable Whonix installation within the Software Selection Menu.