prokop/thgtoa
1
0
Fork 0
mirror of https://github.com/Anon-Planet/thgtoa.git synced 2026-03-22 20:53:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Signed recent changes

Browse Source
This commit is contained in:
Alex Anderson
2022-05-11 02:53:03 +00:00
parent 5e17456d28
commit 07c4420b47
117 changed files with 785 additions and 780 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
export/guide.html
View File

@@ -3580,15 +3580,20 @@
<p>We will follow the instructions from their own guide <a href="https://www.qubes-os.org/doc/installation-guide/" class="uri">https://www.qubes-os.org/doc/installation-guide/</a> <sup><a href="https://web.archive.org/web/https://www.qubes-os.org/doc/installation-guide/">[Archive.org]</a></sup>:</p>
<p>(Secure Boot is not supported as per their FAQ: <a href="https://www.qubes-os.org/faq/#is-secure-boot-supported" class="uri">https://www.qubes-os.org/faq/#is-secure-boot-supported</a> <sup><a href="https://web.archive.org/web/https://www.qubes-os.org/faq/">[Archive.org]</a></sup> so it should be disabled in the BIOS/UEFI settings.)</p>
<ul>
<li><p>Download the latest Qubes OS 4.0.x installation ISO according to their hardware compatibility list.</p></li>
<li><p>Download the latest Qubes OS 4.1.x installation ISO according to their hardware compatibility list.</p></li>
<li><p>Get and verify the Qubes OS Master Signing key: <a href="https://keys.qubes-os.org/keys/qubes-master-signing-key.asc" class="uri">https://keys.qubes-os.org/keys/qubes-master-signing-key.asc</a></p></li>
<li><p>Prepare a USB key with the Qubes OS ISO file</p></li>
<li><p>Install Qubes OS according to the installation guide:</p>
<ul>
<li><p><strong>If you want to use Tor or VPN over Tor: Check the</strong> &quot;<strong>Enabling system and template updates over the Tor anonymity network using Whonix&quot; during the last step. This will force all Qubes OS updates to go through Tor. While this will significantly reduce your update speed, it will increase your anonymity from the start.</strong> (If you are having issues connecting to Tor due to censorship or blocking, consider using Tor Bridges as recommended earlier. Just follow the tutorial provided here: <a href="https://www.whonix.org/wiki/Bridges" class="uri">https://www.whonix.org/wiki/Bridges</a> <sup><a href="https://web.archive.org/web/https://www.whonix.org/wiki/Bridges">[Archive.org]</a></sup>)</p></li>
<li><p>If you want to use Tor over VPN or cannot use any of those, leave it unchecked.</p></li>
<li><p>Be absolutely sure that you are verifying the signature of the ISO, which you can find on this page: <a href="https://www.qubes-os.org/security/verifying-signatures/" class="uri">https://www.qubes-os.org/security/verifying-signatures/</a> <sup><a href="https://web.archive.org/web/20220511015546/https://www.qubes-os.org/security/verifying-signatures/">[Archive.org]</a></sup>. Check by obtaining the fingerprint from multiple independent sources in several different ways as recommended. This is to ensure the image has not been tampered with. Do not skip this vital step even though we know we are getting the ISO from a trusted source, because its possible for the Qubes website to be compromised.</p></li>
</ul></li>
<li><p>If you cannot use Tor at all, there is also no point in installing Whonix. So, you should disable Whonix installation within the Software Selection Menu.</p></li>
</ul>
<p>To be sure your Qubes ISO hasnt been tampered with, you should get the Qubes master key fingerprint from multiple different sources. This guide can be used as one source.</p>
<p>The Qubes master signing key fingerprint should match <code>427F 11FD 0FAA 4B08 0123 F01C DDFA 1A3E 3687 9494</code>.</p>
<p><em>Remember to read the guide to verifying signatures on the Qubes website: <a href="https://www.qubes-os.org/security/verifying-signatures/" class="uri">https://www.qubes-os.org/security/verifying-signatures/</a> <sup><a href="https://web.archive.org/web/20220511015546/https://www.qubes-os.org/security/verifying-signatures/">[Archive.org]</a></sup>.</em></p>
<h3 id="lid-closure-behavior">Lid Closure Behavior:</h3>
<p>Unfortunately, Qubes OS does not support hibernation<a href="#fn380" class="footnote-ref" id="fnref380" role="doc-noteref"><sup>380</sup></a> which is IMHO an issue regarding cold-boot attacks. To mitigate those, I highly recommend that you configure Qubes OS to shut down on any power action (power button, lid closure). You can do set this from the XFCE Power Manager. Do not use the sleep features.</p>
<h3 id="connect-to-a-public-wi-fi">Connect to a Public Wi-Fi:</h3>
@@ -3626,7 +3631,7 @@
<li><p>If you checked the Tor option during install, wait patiently as this might take a while over Tor</p></li>
</ul>
<h3 id="updating-whonix-from-version-15-to-version-16">Updating Whonix from version 15 to version 16:</h3>
<p>Follow the instructions on <a href="https://www.whonix.org/wiki/Qubes/Install" class="uri">https://www.whonix.org/wiki/Qubes/Install</a> <sup><a href="https://web.archive.org/web/https://www.whonix.org/wiki/Qubes/Install">[Archive.org]</a></sup></p>
<p>Follow the instructions on <a href="https://www.whonix.org/wiki/Qubes/Install" class="uri">https://www.whonix.org/wiki/Qubes/Install</a> <sup><a href="https://web.archive.org/web/https://www.whonix.org/wiki/Qubes/Install">[Archive.org]</a></sup>. <em>If youre running Qubes 4.1, this is already done for you.</em></p>
<h3 id="hardening-qubes-os">Hardening Qubes OS:</h3>
<p><strong>Disclaimer: This section is under construction and will be worked on heavily in the next releases. This section is for more advanced users.</strong></p>
<h4 id="application-sandboxing">Application Sandboxing:</h4>