Note about encrypting usb drives

doc/EN/backups.org

@@ -18,6 +18,8 @@
 #+END_CENTER
 
 * Backup to USB
+First and foremost - *encrypt your USB drives*! Even if you think you have "/nothing to hide/" if you accidentally lose a USB thumb drive (it's easy to lose small objects) and it's not encrypted then potentially someone might be able to obtain enough information about you to commit identity fraud, take out loans, open bank accounts, etc. Use LUKS encryption. In Ubuntu you can do this using the /Disk Utility/ application. Some instructions [[https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage][can be found here]].
+
 Insert a USB thumb drive into the front socket of the Beaglebone Black.
 
 Log into the system and become the root user, then run the /backup/ command.
@@ -28,7 +30,7 @@ su
 backup
 #+END_SRC
 
-If this is the first time that you've made a backup then you will be prompted for your GPG key password.
+Type in the password for the USB drive, then if this is the first time that you've made a backup then you will be prompted for your GPG key passphrase.
 
 When the backup ends remove the USB drive and keep it somewhere safe. Even if it gets lost or falls into the wrong hands the content is encrypted and so is unlikely to become a source of leaks.
 * Restore from USB
@@ -42,7 +44,7 @@ su
 restore
 #+END_SRC
 
-You will be prompted to enter your GPG key password, then when the restore is complete you can remove the USB drive.
+Enter the password for the USB drive, then you will be prompted to enter your GPG key passphrase. When the restore is complete you can remove the USB drive.
 * Distributed backups
 Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised.
 

doc/EN/installation.org

@@ -181,7 +181,7 @@ On your internet router, typically under firewall settings, open the following p
 * Keydrives
 After installing for the first time it's a good idea to create some keydrives. These will store your gpg key so that if all else fails you will still be able to restore from backup. There are two ways to do this:
 ** Master Keydrive
-This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be done from the "Discs" application. Then plug it into the Freedombone system, then from your local machine run:
+This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be [[https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage][done from the /Disk Utility/ application]]. Then plug it into the Freedombone system, then from your local machine run:
 
 #+BEGIN_SRC bash
 ssh myusername@mydomainname -p 2222
@@ -193,7 +193,7 @@ exit
 
 If you are on a Beaglebone Black then use /sda/ rather than /sdb/ for the drive parameter.
 ** Fragment keydrives
-This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this can be done from the "Discs" application. Plug it into the Freedombone system then from your local machine run the following commands:
+This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this [[https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage][can be done from the /Disk Utility/ application]]. Plug it into the Freedombone system then from your local machine run the following commands:
 
 #+BEGIN_SRC bash
 ssh myusername@mydomainname -p 2222

website/EN/backups.html

@@ -4,16 +4,22 @@
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
 <title></title>
-<!-- 2015-04-10 Fri 13:50 -->
+<!-- 2015-07-05 Sun 20:29 -->
 <meta  http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta  name="generator" content="Org-mode" />
 <meta  name="author" content="Bob Mottram" />
 <meta  name="description" content="Turn the Beaglebone Black into a personal communications server"
  />
 <meta  name="keywords" content="freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber" />
+<meta  name="viewport" content="width=device-width, initial-scale=1" />
 <style type="text/css">
  <!--/*--><![CDATA[/*><!--*/
-  .title  { text-align: center; }
+  .title  { text-align: center;
+             margin-bottom: .2em; }
+  .subtitle { text-align: center;
+              font-size: medium;
+              font-weight: bold;
+              margin-top:0; }
   .todo   { font-family: monospace; color: red; }
   .done   { font-family: monospace; color: green; }
   .priority { font-family: monospace; color: orange; }
@@ -21,9 +27,9 @@
             padding: 2px; font-size: 80%; font-weight: normal; }
   .timestamp { color: #bebebe; }
   .timestamp-kwd { color: #5f9ea0; }
-  .right  { margin-left: auto; margin-right: 0px;  text-align: right; }
-  .left   { margin-left: 0px;  margin-right: auto; text-align: left; }
-  .center { margin-left: auto; margin-right: auto; text-align: center; }
+  .org-right  { margin-left: auto; margin-right: 0px;  text-align: right; }
+  .org-left   { margin-left: 0px;  margin-right: auto; text-align: left; }
+  .org-center { margin-left: auto; margin-right: auto; text-align: center; }
   .underline { text-decoration: underline; }
   #postamble p, #preamble p { font-size: 90%; margin: .2em; }
   p.verse { margin-left: 3%; }
@@ -62,12 +68,12 @@
   caption.t-above { caption-side: top; }
   caption.t-bottom { caption-side: bottom; }
   td, th { vertical-align:top;  }
-  th.right  { text-align: center;  }
-  th.left   { text-align: center;   }
-  th.center { text-align: center; }
-  td.right  { text-align: right;  }
-  td.left   { text-align: left;   }
-  td.center { text-align: center; }
+  th.org-right  { text-align: center;  }
+  th.org-left   { text-align: center;   }
+  th.org-center { text-align: center; }
+  td.org-right  { text-align: right;  }
+  td.org-left   { text-align: left;   }
+  td.org-center { text-align: center; }
   dt { font-weight: bold; }
   .footpara:nth-child(2) { display: inline; }
   .footpara { display: block; }
@@ -148,7 +154,6 @@ for the JavaScript code in this tag.
 <a name="top" id="top"></a>
 </div>
 <div id="content">
-<h1 class="title"></h1>
 <div class="center">
 
 <div class="figure">
@@ -162,35 +167,39 @@ for the JavaScript code in this tag.
 
 
 <colgroup>
-<col  class="left" />
+<col  class="org-left" />
 </colgroup>
 <tbody>
 <tr>
-<td class="left"><a href="index.html">Home</a></td>
+<td class="org-left"><a href="index.html">Home</a></td>
 </tr>
 
 <tr>
-<td class="left"><a href="#unnumbered-1">Backup to USB</a></td>
+<td class="org-left"><a href="#orgheadline1">Backup to USB</a></td>
 </tr>
 
 <tr>
-<td class="left"><a href="#unnumbered-2">Restore from USB</a></td>
+<td class="org-left"><a href="#orgheadline2">Restore from USB</a></td>
 </tr>
 
 <tr>
-<td class="left"><a href="#unnumbered-3">Distributed backups</a></td>
+<td class="org-left"><a href="#orgheadline3">Distributed backups</a></td>
 </tr>
 
 <tr>
-<td class="left"><a href="#unnumbered-4">Restore from a friend</a></td>
+<td class="org-left"><a href="#orgheadline4">Restore from a friend</a></td>
 </tr>
 </tbody>
 </table>
 </div>
 
-<div id="outline-container-unnumbered-1" class="outline-2">
-<h2 id="unnumbered-1">Backup to USB</h2>
-<div class="outline-text-2" id="text-unnumbered-1">
+<div id="outline-container-orgheadline1" class="outline-2">
+<h2 id="orgheadline1">Backup to USB</h2>
+<div class="outline-text-2" id="text-orgheadline1">
+<p>
+First and foremost - <b>encrypt your USB drives</b>! Even if you think you have "<i>nothing to hide</i>" if you accidentally lose a USB thumb drive (it's easy to lose small objects) and it's not encrypted then potentially someone might be able to obtain enough information about you to commit identity fraud, take out loans, open bank accounts, etc. Use LUKS encryption. In Ubuntu you can do this using the <i>Disk Utility</i> application. Some instructions <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be found here</a>.
+</p>
+
 <p>
 Insert a USB thumb drive into the front socket of the Beaglebone Black.
 </p>
@@ -208,7 +217,7 @@ backup
 </div>
 
 <p>
-If this is the first time that you've made a backup then you will be prompted for your GPG key password.
+Type in the password for the USB drive, then if this is the first time that you've made a backup then you will be prompted for your GPG key passphrase.
 </p>
 
 <p>
@@ -216,9 +225,9 @@ When the backup ends remove the USB drive and keep it somewhere safe. Even if it
 </p>
 </div>
 </div>
-<div id="outline-container-unnumbered-2" class="outline-2">
-<h2 id="unnumbered-2">Restore from USB</h2>
-<div class="outline-text-2" id="text-unnumbered-2">
+<div id="outline-container-orgheadline2" class="outline-2">
+<h2 id="orgheadline2">Restore from USB</h2>
+<div class="outline-text-2" id="text-orgheadline2">
 <p>
 Insert the USB thumb drive containing your backup into the front socket of the Beaglebone Black.
 </p>
@@ -236,13 +245,13 @@ restore
 </div>
 
 <p>
-You will be prompted to enter your GPG key password, then when the restore is complete you can remove the USB drive.
+Enter the password for the USB drive, then you will be prompted to enter your GPG key passphrase. When the restore is complete you can remove the USB drive.
 </p>
 </div>
 </div>
-<div id="outline-container-unnumbered-3" class="outline-2">
-<h2 id="unnumbered-3">Distributed backups</h2>
-<div class="outline-text-2" id="text-unnumbered-3">
+<div id="outline-container-orgheadline3" class="outline-2">
+<h2 id="orgheadline3">Distributed backups</h2>
+<div class="outline-text-2" id="text-orgheadline3">
 <p>
 Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised.
 </p>
@@ -288,12 +297,12 @@ Store it within a password manager on a USB drive which you carry with you. In t
 </p>
 </div>
 </div>
-<div id="outline-container-unnumbered-4" class="outline-2">
-<h2 id="unnumbered-4">Restore from a friend</h2>
-<div class="outline-text-2" id="text-unnumbered-4">
-</div><div id="outline-container-unnumbered-5" class="outline-3">
-<h3 id="unnumbered-5">With a completely new Freedombone installation</h3>
-<div class="outline-text-3" id="text-unnumbered-5">
+<div id="outline-container-orgheadline4" class="outline-2">
+<h2 id="orgheadline4">Restore from a friend</h2>
+<div class="outline-text-2" id="text-orgheadline4">
+</div><div id="outline-container-orgheadline5" class="outline-3">
+<h3 id="orgheadline5">With a completely new Freedombone installation</h3>
+<div class="outline-text-3" id="text-orgheadline5">
 <p>
 This is the ultimate disaster recovery scenario in which you are beginning completely from scratch with new hardware and a new Freedombone installation (configured with the same username and domain names). It is assumed that the old hardware was destroyed, but that you have the backup key stored within a password manager on a USB thumb drive.
 </p>
@@ -345,9 +354,9 @@ Then use the command:
 </div>
 </div>
 </div>
-<div id="outline-container-unnumbered-6" class="outline-3">
-<h3 id="unnumbered-6">On an existing Freedombone installation</h3>
-<div class="outline-text-3" id="text-unnumbered-6">
+<div id="outline-container-orgheadline6" class="outline-3">
+<h3 id="orgheadline6">On an existing Freedombone installation</h3>
+<div class="outline-text-3" id="text-orgheadline6">
 <p>
 This is for more common situations in which maybe some data became corrupted and you want to restore it.
 </p>

website/EN/installation.html

@@ -4,7 +4,7 @@
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
 <title></title>
-<!-- 2015-07-05 Sun 19:54 -->
+<!-- 2015-07-05 Sun 20:31 -->
 <meta  http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta  name="generator" content="Org-mode" />
 <meta  name="author" content="Bob Mottram" />
@@ -563,7 +563,7 @@ After installing for the first time it's a good idea to create some keydrives. T
 <h3 id="orgheadline12">Master Keydrive</h3>
 <div class="outline-text-3" id="text-orgheadline12">
 <p>
-This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be done from the "Discs" application. Then plug it into the Freedombone system, then from your local machine run:
+This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">done from the <i>Disk Utility</i> application</a>. Then plug it into the Freedombone system, then from your local machine run:
 </p>
 
 <div class="org-src-container">
@@ -585,7 +585,7 @@ If you are on a Beaglebone Black then use <i>sda</i> rather than <i>sdb</i> for
 <h3 id="orgheadline13">Fragment keydrives</h3>
 <div class="outline-text-3" id="text-orgheadline13">
 <p>
-This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this can be done from the "Discs" application. Plug it into the Freedombone system then from your local machine run the following commands:
+This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be done from the <i>Disk Utility</i> application</a>. Plug it into the Freedombone system then from your local machine run the following commands:
 </p>
 
 <div class="org-src-container">