[1.0.0] [docs] Overhaul Transfer Device and export recommendations #4838
Resolves #4620 Resolves #4646 Resolves #4434 Resolves #4670 In addition to introducing the Transfer and Export Device, this commit clearly breaks out optional hardware into its own checklist, more strongly recommends purchase of a printer, and strengthens recommendations for malware mitigation. It removes some outdated recommendations and a reference to storing the journalist's GPG passphrase in KeePassX (not mentioned anywhere else). It removes instructions for journalists to set up individual GPG keys, as they are unlikely to be followed, and the more critical recommendation is to ensure tha the Export Device is encrypted. It updates the overview diagram and data flow diagram consistent with the above changes. This update also makes the diagrams more consistent with terminology and current practices. It removes OnionShare from the data flow diagram, as it is not currently mentioned elsewhere in the docs. (cherry picked from commit 948039b)
The hardware recommendations more clearly prioritize choices we can support and are familiar with (VeraCrypt, USB w/ write switch) over ones we cannot currently support well (hardware-encrypted drives, write blockers). The threat model has been updated consistent with the data flow updates; note that the clarified data flow means that the Transfer Device never stores _decrypted_ submissions. The use of write blockers for the Transfer Device has been clarified, as well. (cherry picked from commit 3b886df)
conorsch merged commit
Sep 17, 2019
3 checks passed
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments.