Michael Altfield
Michael Altfield
ok, well, I'm happy to do as much of the work as I can, but obviously you do need to be able to commit to a few hours of initial...
> The best way to prevent a targeted attack against you before a device is in your possession is to purchase a device in a physical store, rather than ordering...
The `Hardware Security Programs` has one paragraph about Windows and one paragraph about Mac. I think we should add a third paragraph mentioning Linux machines, with specific focus on distros...
@inson1 see * https://github.com/privacyguides/privacyguides.org/pull/1939 * https://github.com/privacyguides/privacyguides.org/issues/1899 It looks like the first PR was merged. That PR and *this* PR are both are called "Add hardware section" I know there was...
> maybe add an anti-theft recommendation I think "Dead man switches" (like [BusKill](https://github.com/buskill/buskill-app)) *are* the anti-theft recommendation. Or did you have something else in mind?
It might also be worthwhile spending 1-4 paragraphs discussing (and linking-to some guides) on how to setup a "**whole house VPN**" with your router. Such a setup can pass all...
And just to be clear, the purpose of this ticket is to address issues with [authentication](https://en.wikipedia.org/wiki/Authentication) of the software release, not just [integrity](https://en.wikipedia.org/wiki/Checksum). Publishing hashes (that are *not* signed) provides...
For more information on best-practices of signing releases with GPG, please see: 1. https://infra.apache.org/release-signing 2. https://docs.opendev.org/opendev/system-config/latest/signing.html 3. https://wiki.debian.org/Subkeys 4. https://riseup.net/en/security/message-security/openpgp/best-practices
This is also a good first-step (with much lower hanging fruit = easier to implement) to get to #52 & #319
That's a good workaround for now, thank you :)