2017-12-14 10:16:44 +13:00
|
|
|
# 2017-12-15
|
|
|
|
## Linux workstation security
|
|
|
|
- Remove detailed SELinux instrusctions
|
|
|
|
- Remove GrSecurity recommendation, as it's not available without subscription
|
|
|
|
- Change NoScript to uMatrix recommendation
|
|
|
|
- Add some Firejail usage quickies
|
|
|
|
|
|
|
|
## Protecting code integrity with PGP
|
|
|
|
- Add whole new doc on PGP and its use with Git. It is aimed at free software
|
|
|
|
developers and should be used alongside with the workstation security doc.
|
|
|
|
|
|
|
|
## Trusted team communication
|
|
|
|
- A fairly major rewrite in the works...
|
|
|
|
|
2017-01-23 11:33:28 +13:00
|
|
|
# 2017-01-23
|
|
|
|
## Linux workstation security checklist
|
|
|
|
|
|
|
|
- add warning that attackers routinely brute-force simple passphrases
|
|
|
|
- recommend switching to Wayland
|
|
|
|
- Replace browser-in-VM recommendation with firejail-separated profiles
|
|
|
|
instead
|
|
|
|
- List NitroKey in addition to Yubikey
|
|
|
|
- Add recommendation to use Fido U2F for services supporting it
|
|
|
|
- Add SubgraphOS alongside QubesOS (though SubgraphOS is still in alpha)
|
|
|
|
- Not adding Flatpak/Snappy yet, as the list of supported apps is pretty pithy
|