Erik Moeller

Results 176 issues of Erik Moeller

This PR was automatically created by Snyk using the credentials of a real user. Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of...

As documented upstream in https://gitlab.tails.boum.org/tails/tails/-/issues/18620, Tails sometimes fails to install the "Additional software" (Debian packages) that users have previously requested to persist. When this happens, `securedrop-admin` will no longer work...

Certain pages in our documentation, like https://docs.securedrop.org/en/stable/minimum_security_requirements.html, currently do not make it clear whether a requirement _must_ be followed for a SecureDrop installation, or whether it is a recommendation. It...

The HTTP/2 spec [recommends](https://tools.ietf.org/html/rfc7540#section-9.2.2) the adoption of a cipher suite blacklist by implementers, clarifies security requirements for TLS connections, and includes other protocol-level security improvements. For security reasons, we should...

documentation

We currently publish two builds of the docs, `stable` and `latest`. `stable` is default and we generally link to it in announcements, but 1) mistakes happen, 2) `latest` does come...

help wanted
hackathon

At least on NUC10s, the default behavior after power failure is to stay off, which is almost never what a SecureDrop admin would want. This can be changed under **Power...

good first issue
hackathon

## Describe the change We currently refer users to the OSSEC Guide for configuring OSSEC: https://docs.securedrop.org/en/stable/ossec_alerts.html There's no particular reason why we should send users to an entirely separate chapter...

good first issue
hackathon

## Describe the change Packaging securedrop for Tails workstations (https://github.com/freedomofpress/securedrop/issues/3502) -- and maybe later for Qubes admin workstations -- could let us avoid using `git` on Tails workstations altogether. In...

The public threat model at https://docs.securedrop.org/en/stable/threat_model/threat_model.html has been updated a bit over the years, but it still references SecureDrop 0.3. We should review it and ensure that it is up-to-date...

The [OSSEC guide](https://docs.securedrop.org/en/release-0.13.1/ossec_alerts.html) includes instructions for fetching your OSSEC key from a keyserver. These instructions should be updated to include instructions for publishing and fetching the key using `keys.openpgp.org`, per...

help wanted
Hacktoberfest
docsprint2021