Change log

2025-01-04

• Added tighter timeouts for stateful firewall openings.

• Added more verifications for each implemented security control. One has to know if controls are implemented correctly

• Added dpkg-divert’s so that updates will not override our .conf settings. Updates will overwrite settings if this is not set

• Enable Yubikey

2024-12-30
Ensure your security is Risk based so that you assess what is valuable to you, and implement security in a prioritized way

2024-12-24

• Removal of insecure X11 in favor of Wayland

• Added method to disable dangerous peer-to-peer WiFi which allows unauthenticated near by attacks if you live in a apartment

2024-11-28
Security Principles : so that you can discover and add more security measures

2024-11-18
Added TLS 1.3 requirement to Firefox, which has Simultaneous Authentication of Equals among other security controls.

2024-11-12
Added more blacklist’s for firefox firejail security container. One needs to eliminate unneeded but possible code invocations to implement a default deny policy

2024-11-10
Firejail config improvements

???

• Added Pin-priotity -1 for packages that were deliberately uninstalled so that updates will not install them again

2024-10-20
Modem/Router Attacks

2024-10-11
Use a VPN, even at home

2024-09-16
Changed the order of sections so that the most important things are done offline first.

Support me a little: https://buymeacoffee.com/fortifiedubuntu.org