diff --git a/README.md b/README.md index fb52642..e3562b3 100644 --- a/README.md +++ b/README.md @@ -4,4 +4,4 @@ Most privacy guides episodes published on [YouTube](https://www.youtube.com/sunk Shout-out to [1984](https://www.1984hosting.com/), [Njalla](https://njal.la/), [rsync.net](https://rsync.net/), [SatoshiLabs](https://satoshilabs.com/) and [Shakepay](https://shakepay.com/) for [supporting](https://sunknudsen.com/donate) the privacy guides. 🙌 -Wish to contribute or need help? Read the [docs](./docs). +Wish to contribute or need help? Read the [docs](./docs/README.md). diff --git a/how-to-audit-source-code-of-proprietary-electron-app/README.md b/how-to-audit-source-code-of-proprietary-electron-app/README.md index db2b064..f83ceb4 100644 --- a/how-to-audit-source-code-of-proprietary-electron-app/README.md +++ b/how-to-audit-source-code-of-proprietary-electron-app/README.md @@ -14,7 +14,7 @@ Listed: true ## Requirements -- Computer running macOS Big Sur or Monterey or disposable [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos) +- Computer running macOS Big Sur or Monterey or disposable [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md) ## Caveats diff --git a/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md b/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md index 1164efa..a59d2a8 100644 --- a/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md +++ b/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md @@ -62,7 +62,7 @@ gpg: imported: 1 Go to https://www.veracrypt.fr/en/Downloads.html and download latest release and associated PGP signature to `~/Downloads` folder. -### Step 6: verify VeraCrypt release signature (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) +### Step 6: verify VeraCrypt release signature (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md)) > Heads-up: replace `VeraCrypt_1.24-Update7` with current release. diff --git a/how-to-configure-borg-client-on-macos-using-command-line/README.md b/how-to-configure-borg-client-on-macos-using-command-line/README.md index 704d0f5..13197fd 100644 --- a/how-to-configure-borg-client-on-macos-using-command-line/README.md +++ b/how-to-configure-borg-client-on-macos-using-command-line/README.md @@ -14,7 +14,7 @@ Listed: true ## Requirements -- Borg server ([self-hosted](../how-to-self-host-hardened-borg-server) or cloud-based such as [BorgBase](https://www.borgbase.com/) or [rsync.net](https://rsync.net/products/attic.html)) +- Borg server ([self-hosted](../how-to-self-host-hardened-borg-server/README.md) or cloud-based such as [BorgBase](https://www.borgbase.com/) or [rsync.net](https://rsync.net/products/attic.html)) - Computer running macOS Catalina or Big Sur ## Caveats @@ -203,7 +203,7 @@ Write down the passphrase. Store both at safe place(s). ``` -#### Back up `~/.config/borg` and `~/Library/Keychains` folders (learn how [here](../how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos)) +#### Back up `~/.config/borg` and `~/Library/Keychains` folders (learn how [here](../how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md)) > Heads-up: both key (stored in `~/.config/borg`) and passphrase (stored in `~/Library/Keychains`) are required to decrypt backup. diff --git a/how-to-configure-strongswan-client-on-headless-debian-based-linux-computer/README.md b/how-to-configure-strongswan-client-on-headless-debian-based-linux-computer/README.md index 35a534d..8eb146a 100644 --- a/how-to-configure-strongswan-client-on-headless-debian-based-linux-computer/README.md +++ b/how-to-configure-strongswan-client-on-headless-debian-based-linux-computer/README.md @@ -16,7 +16,7 @@ Listed: true ## Requirements -- [Self-hosted hardened strongSwan IKEv2/IPsec VPN server](../how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos) +- [Self-hosted hardened strongSwan IKEv2/IPsec VPN server](../how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md) - Linux or macOS computer (referred to as “certificate authority computer”) - Debian-based Linux computer (referred to as “client computer”) @@ -27,7 +27,7 @@ Listed: true ## Guide -### Step 1: create client key and cert using certificate authority from [How to self-host hardened strongSwan IKEv2/IPsec VPN server for iOS and macOS](../how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos) (on certificate authority computer). +### Step 1: create client key and cert using certificate authority from [How to self-host hardened strongSwan IKEv2/IPsec VPN server for iOS and macOS](../how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md) (on certificate authority computer). #### Navigate to `strongswan-certs` directory diff --git a/how-to-create-encrypted-paper-backup/README.md b/how-to-create-encrypted-paper-backup/README.md index 655deec..e4420aa 100644 --- a/how-to-create-encrypted-paper-backup/README.md +++ b/how-to-create-encrypted-paper-backup/README.md @@ -14,7 +14,7 @@ Listed: true ## Requirements -- [Hardened Raspberry Pi](../how-to-configure-hardened-raspberry-pi) +- [Hardened Raspberry Pi](../how-to-configure-hardened-raspberry-pi/README.md) - [Adafruit PiTFT monitor](https://www.adafruit.com/product/2423) (optional) - [Compatible USB webcam](https://elinux.org/RPi_USB_Webcams) (720P or 1080P, powered directly by Raspberry Pi) - USB keyboard ([Raspberry Pi keyboard and hub](https://www.raspberrypi.org/products/raspberry-pi-keyboard-and-hub/) recommended) @@ -144,7 +144,7 @@ imported: 1 👍 -### Step 12: verify integrity of Sun’s PGP public key (learn how [here](../how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos#verify-suns-pgp-public-key-using-fingerprint)) +### Step 12: verify integrity of Sun’s PGP public key (learn how [here](../how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md#verify-suns-pgp-public-key-using-fingerprint)) ```console $ gpg --fingerprint hello@sunknudsen.com diff --git a/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md b/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md index 44dd8e9..8c8fd42 100644 --- a/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md +++ b/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md @@ -12,7 +12,7 @@ Listed: true [![How to encrypt, sign and decrypt messages using GnuPG on macOS](how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos.png)](https://www.youtube.com/watch?v=mE8fL5Fu8x8 "How to encrypt, sign and decrypt messages using GnuPG on macOS") -> Heads-up: this is a “getting started” guide. Learn how to harden GnuPG [here](../how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey). +> Heads-up: this is a “getting started” guide. Learn how to harden GnuPG [here](../how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey/README.md). ## Requirements @@ -106,7 +106,7 @@ uid John Doe sub cv25519 2021-12-29 [E] ``` -### Step 5: back up `~/.gnupg` folder (learn how [here](../how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos)) +### Step 5: back up `~/.gnupg` folder (learn how [here](../how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md)) > Heads-up: files stored in `~/.gnupg` include private keys which, if lost, results in loosing one’s cryptographic identity (safeguard backup mindfully). diff --git a/how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey/README.md b/how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey/README.md index 1df7ee4..ab1db23 100644 --- a/how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey/README.md +++ b/how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey/README.md @@ -14,7 +14,7 @@ Listed: true ## Requirements -- [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos) with VeraCrypt [installed](../how-to-install-and-use-veracrypt-on-tails) +- [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md) with VeraCrypt [installed](../how-to-install-and-use-veracrypt-on-tails/README.md) - YubiKey with [OpenPGP](https://www.yubico.com/us/store/compare/) support (firmware version `5.2.3` or higher) - Computer running macOS Catalina or Big Sur @@ -81,7 +81,7 @@ $ torsocks curl -L -o ~/Downloads/yubikey-manager-qt.AppImage.sig https://develo 100 310 100 310 0 0 262 0 0:00:01 0:00:01 --:--:-- 262 ``` -### Step 5: verify “YubiKey Manager” AppImage release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) and make AppImage executable +### Step 5: verify “YubiKey Manager” AppImage release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md)) and make AppImage executable ```console $ gpg --verify ~/Downloads/yubikey-manager-qt.AppImage.sig diff --git a/how-to-install-and-use-electrum-over-tor-on-macos/README.md b/how-to-install-and-use-electrum-over-tor-on-macos/README.md index 1c433e2..524c7a0 100644 --- a/how-to-install-and-use-electrum-over-tor-on-macos/README.md +++ b/how-to-install-and-use-electrum-over-tor-on-macos/README.md @@ -65,7 +65,7 @@ imported: 1 Go to https://electrum.org/#download and download latest release and associated PGP signature to `~/Downloads` folder. -#### Verify Electrum release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) +#### Verify Electrum release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md)) > Heads-up: replace `4.1.4` with [latest release](https://electrum.org/#download) semver. @@ -108,7 +108,7 @@ imported: 1 Go to https://www.torproject.org/download/ and download latest release and associated PGP signature to `~/Downloads` folder. -#### Verify “Tor Browser” release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) +#### Verify “Tor Browser” release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md)) > Heads-up: replace `10.0.17` with [latest release](https://www.torproject.org/download/) semver. diff --git a/how-to-install-and-use-trezor-suite-on-tails/README.md b/how-to-install-and-use-trezor-suite-on-tails/README.md index 1a71ad4..e163693 100644 --- a/how-to-install-and-use-trezor-suite-on-tails/README.md +++ b/how-to-install-and-use-trezor-suite-on-tails/README.md @@ -12,7 +12,7 @@ Listed: true ## Requirements -- [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos) +- [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md) ## Caveats @@ -94,7 +94,7 @@ $ torsocks curl --fail --output ~/Downloads/trezor-suite.AppImage.asc https://su 100 833 100 833 0 0 933 0 --:--:-- --:--:-- --:--:-- 932 ``` -### Step 10: verify “Trezor Suite” release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) +### Step 10: verify “Trezor Suite” release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md)) ```console $ gpg --verify ~/Downloads/trezor-suite.AppImage.asc diff --git a/how-to-install-and-use-veracrypt-on-tails/README.md b/how-to-install-and-use-veracrypt-on-tails/README.md index e4854d0..d5af403 100644 --- a/how-to-install-and-use-veracrypt-on-tails/README.md +++ b/how-to-install-and-use-veracrypt-on-tails/README.md @@ -14,7 +14,7 @@ Listed: true ## Requirements -- [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos) +- [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md) ## Caveats @@ -80,7 +80,7 @@ VERACRYPT_RELEASE_SEMVER=1.25.4 Click “Applications”, then “Tor Browser”, go to https://www.veracrypt.fr/en/Downloads.html and download latest release of “Linux Generic Installer” and associated PGP signature. -### Step 9: verify VeraCrypt release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) +### Step 9: verify VeraCrypt release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md)) ```console $ gpg --verify ~/Tor\ Browser/veracrypt-$VERACRYPT_RELEASE_SEMVER-setup.tar.bz2.sig diff --git a/how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md b/how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md index 950ad31..a4b4243 100644 --- a/how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md +++ b/how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md @@ -67,7 +67,7 @@ imported: 1 Go to https://tails.boum.org/install/download/index.en.html and download latest release and associated PGP signature (found under “or download the OpenPGP signature”) to `~/Downloads` folder. -### Step 6: verify Tails release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) +### Step 6: verify Tails release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md)) > Heads-up: replace `4.25` with [latest release](https://tails.boum.org/install/download/index.en.html) semver. diff --git a/how-to-manage-trezor-devices-using-trezorctl-on-macos-or-tails/README.md b/how-to-manage-trezor-devices-using-trezorctl-on-macos-or-tails/README.md index e8fecca..9e690ad 100644 --- a/how-to-manage-trezor-devices-using-trezorctl-on-macos-or-tails/README.md +++ b/how-to-manage-trezor-devices-using-trezorctl-on-macos-or-tails/README.md @@ -14,7 +14,7 @@ Listed: true ## Requirements -- Computer running macOS Big Sur or Monterey or [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos) +- Computer running macOS Big Sur or Monterey or [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md) - [Trezor](https://trezor.io/) device ## Caveats diff --git a/how-to-self-host-hardened-bitcoin-node/README.md b/how-to-self-host-hardened-bitcoin-node/README.md index 1b03cde..7ecc954 100644 --- a/how-to-self-host-hardened-bitcoin-node/README.md +++ b/how-to-self-host-hardened-bitcoin-node/README.md @@ -294,7 +294,7 @@ imported: 1 👍 -### Step 11: verify integrity of Sun’s PGP public key (learn how [here](../how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos#verify-suns-pgp-public-key-using-fingerprint)) +### Step 11: verify integrity of Sun’s PGP public key (learn how [here](../how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md#verify-suns-pgp-public-key-using-fingerprint)) ```console $ gpg --fingerprint hello@sunknudsen.com diff --git a/how-to-self-host-hardened-bitcoin-node/misc/how-to-seed-bitcoin-dataset.md b/how-to-self-host-hardened-bitcoin-node/misc/how-to-seed-bitcoin-dataset.md index 1dfc623..c020049 100644 --- a/how-to-self-host-hardened-bitcoin-node/misc/how-to-seed-bitcoin-dataset.md +++ b/how-to-self-host-hardened-bitcoin-node/misc/how-to-seed-bitcoin-dataset.md @@ -139,7 +139,7 @@ imported: 1 👍 -### Step 6: verify integrity of Sun’s PGP public key (learn how [here](../how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos#verify-suns-pgp-public-key-using-fingerprint)) +### Step 6: verify integrity of Sun’s PGP public key (learn how [here](../../how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md#verify-suns-pgp-public-key-using-fingerprint)) ```console $ gpg --fingerprint hello@sunknudsen.com diff --git a/how-to-self-host-hardened-borg-server/README.md b/how-to-self-host-hardened-borg-server/README.md index 88a7189..8a5937d 100644 --- a/how-to-self-host-hardened-borg-server/README.md +++ b/how-to-self-host-hardened-borg-server/README.md @@ -14,7 +14,7 @@ Listed: true ## Requirements -- [Hardened Debian server](../how-to-configure-hardened-debian-server) or [hardened Raspberry Pi](../how-to-configure-hardened-raspberry-pi) +- [Hardened Debian server](../how-to-configure-hardened-debian-server/README.md) or [hardened Raspberry Pi](../how-to-configure-hardened-raspberry-pi/README.md) - Linux or macOS computer ## Caveats diff --git a/how-to-self-host-hardened-jitsi-server/README.md b/how-to-self-host-hardened-jitsi-server/README.md index 1f7913a..dedafb1 100644 --- a/how-to-self-host-hardened-jitsi-server/README.md +++ b/how-to-self-host-hardened-jitsi-server/README.md @@ -12,7 +12,7 @@ Listed: true ## Requirements -- [Hardened Debian server](../how-to-configure-hardened-debian-server) +- [Hardened Debian server](../how-to-configure-hardened-debian-server/README.md) - Linux or macOS computer ## Caveats diff --git a/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md index 77fea18..cbb5f3c 100644 --- a/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md +++ b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md @@ -14,7 +14,7 @@ Listed: true > **Heads-up: guide is no longer maintained and should be considered obsolete.** -> Heads-up: when following this guide on servers with upstream IPv4-only networks (which is totally fine if one knows what one is doing), it’s likely IPv6 traffic will leak on iOS when clients are connected to carriers or ISPs running dual stack (IPv4 + IPv6) networks. Leaks can be mitigated on iOS (cellular-only) and on macOS by following this [guide](../how-to-disable-ipv6-on-ios-cellular-only-and-macos). +> Heads-up: when following this guide on servers with upstream IPv4-only networks (which is totally fine if one knows what one is doing), it’s likely IPv6 traffic will leak on iOS when clients are connected to carriers or ISPs running dual stack (IPv4 + IPv6) networks. Leaks can be mitigated on iOS (cellular-only) and on macOS by following this [guide](../how-to-disable-ipv6-on-ios-cellular-only-and-macos/README.md). ## Requirements diff --git a/how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md b/how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md index 109ac42..149825d 100644 --- a/how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md +++ b/how-to-verify-pgp-digital-signatures-using-gnupg-on-macos/README.md @@ -86,7 +86,7 @@ imported: 1 ### Verify signer’s PGP public key using fingerprint -> Heads-up: replace `hello@sunknudsen.com` with signer’s email and use published fingerprints to verify signer’s cryptographic identity (learn how [here](../how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos#verify-suns-pgp-public-key-using-fingerprint)). +> Heads-up: replace `hello@sunknudsen.com` with signer’s email and use published fingerprints to verify signer’s cryptographic identity (learn how [here](../how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md#verify-suns-pgp-public-key-using-fingerprint)). ```console $ gpg --fingerprint hello@sunknudsen.com