On 1/20/20 10:56 AM, fiftyfourthparal...@gmail.com wrote:
Many thanks for the swift and detailed response.
I'll enable AppArmor (using your instructions from another thread
<https://groups.google.com/forum/#!topic/qubes-users/cNwCH3rcIGk>) and
install your qubes hardening project. I was slightly hesitant before,
but I did some quick Googling and realised you're on the Qubes team.
Would you happen to have any other major security tips? Are there any
ways to secure my booting process without a TPM?
To correct a misunderstanding... I'm not a member of the Qubes project.
I'm listed on the Qubes page as a contributor, e.g. contributing to the
project from the outside.
I think a TPM-like device is important for physical security if you
don't expect too much of it. It makes evil maid type attacks more
time-consuming and complicated. Beyond that, you could search about ways
to make computers physically tamper-evident.
I feel like this sort of information can be compiled into a handy-dandy
security hardening guide for the documentation section. I wouldn't mind
writing it up if you provide the technical details (I'm not very
technical, but I can write).
There was an effort like that years ago. The doc is here and you can
still suggest edits:
https://www.qubes-os.org/doc/security-guidelines/
But there are also a number of other security guides on the doc page:
https://www.qubes-os.org/doc
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/ff8e1b9a-be59-eecc-bae6-b157b9ce0610%40posteo.net.
