Merge pull request #5448 from gonzalo-bulnes/minor-fix-product-names-…

…capitalisation-for-readability

Minor fix product names capitalisation for readability

.gitignore

@@ -156,7 +156,7 @@ raw-test-output/
 # molecule
 .molecule
 
-#Used in CI for parsing out tor nightly version
+#Used in CI for parsing out Tor nightly version
 .tor_version
 
 # Ignore visual studio code folder

Vagrantfile

@@ -11,7 +11,7 @@ Vagrant.configure("2") do |config|
   # so the key insertion feature should be disabled.
   config.ssh.insert_key = false
 
-  # The staging hosts are just like production but allow non-tor access
+  # The staging hosts are just like production but allow non-Tor access
   # for the web interfaces and ssh.
   config.vm.define 'mon-staging', autostart: false do |staging|
     if ENV['SECUREDROP_SSH_OVER_TOR']

admin/bootstrap.py

@@ -166,7 +166,7 @@ def envsetup(args, virtualenv_dir=VENV_DIR):
     Ansible is available to the Admin on subsequent boots without requiring
     installation of packages again.
     """
-    # clean up tails 3.x venv when migrating to tails 4.x
+    # clean up Tails 3.x venv when migrating to Tails 4.x
     clean_up_tails3_venv(virtualenv_dir)
 
     # virtualenv doesnt exist? Install dependencies and create
@@ -175,7 +175,7 @@ def envsetup(args, virtualenv_dir=VENV_DIR):
         install_apt_dependencies(args)
 
         # Technically you can create a virtualenv from within python
-        # but pip can only be run over tor on tails, and debugging that
+        # but pip can only be run over Tor on Tails, and debugging that
         # along with instaling a third-party dependency is not worth
         # the effort here.
         sdlog.info("Setting up virtualenv")

admin/securedrop_admin/__init__.py

@@ -720,9 +720,9 @@ def find_or_generate_new_torv3_keys(args):
     # No old keys, generate and store them first
     app_journalist_public_key, \
         app_journalist_private_key = generate_new_v3_keys()
-    # For app ssh service
+    # For app SSH service
     app_ssh_public_key, app_ssh_private_key = generate_new_v3_keys()
-    # For mon ssh service
+    # For mon SSH service
     mon_ssh_public_key, mon_ssh_private_key = generate_new_v3_keys()
     tor_v3_service_info = {
             "app_journalist_public_key": app_journalist_public_key,

ansible.cfg

@@ -8,9 +8,9 @@ timeout=60
 callback_whitelist = profile_tasks
 
 [ssh_connection]
-# These options are required to be able to run the playbook over tor and
-# with the ssh iptables rules rate-limiting. Removing this file or changing these
-# options could break being able to run the playbook over tor
+# These options are required to be able to run the playbook over Tor and
+# with the SSH iptables rules rate-limiting. Removing this file or changing these
+# options could break being able to run the playbook over Tor
 scp_if_ssh=True
 ssh_args = -o ControlMaster=auto -o ControlPersist=600s -o ConnectTimeout=60
 pipelining=True

changelog.md

@@ -318,7 +318,7 @@
 
 ### Developer Workflow
 
-* Updated functional tests to run against the Tor Browser (#4347)
+* Updated functional tests to run against Tor Browser (#4347)
 * Consolidated CI lint Makefile targets (#4435)
 * Added 0.12.2  boxes for use with the Molecule upgrade scenario (#4393)
 * Added deb tests to builder image update (#4388)
@@ -539,7 +539,7 @@ https://github.com/freedomofpress/securedrop/milestone/47
 ### Operations
 
 * Updated the grsecurity-hardened Linux Kernels to 4.4.144 for app and mon servers (#3662)
-* Updated tor to version 0.3.3.9 (#3624)
+* Updated Tor to version 0.3.3.9 (#3624)
 * Updated Flask to 1.0.2 and Werkzeug to 0.14.1 (#3741)
 * Updated securedrop-keyring package to 0.1.2 (#3752)
 
@@ -1058,8 +1058,8 @@ This release contains fixes for issues described in the most recent security aud
 * Ensure correct permissions for Tor hidden service directories so new installs won't break (#1052)
 * Clarify server setup steps in the install documentation (#1027, #1061)
 * Clarify that Tor ATHS setup is now automatic and does not require manual changes (#1030)
-* Explain that you can only download files to the "Tor Browser" folder on Tails as of Tails 1.3, due to the addition of AppArmor confinement for the Tor Browser (#1036, #1062).
-* Explain that you must use the Unsafe Browser to configure the network firewall because the Tor Browser will be blocked from accessing LAN addresses starting in Tails 1.5 (#1050)
+* Explain that you can only download files to the "Tor Browser" folder on Tails as of Tails 1.3, due to the addition of AppArmor confinement for Tor Browser (#1036, #1062).
+* Explain that you must use the Unsafe Browser to configure the network firewall because Tor Browser will be blocked from accessing LAN addresses starting in Tails 1.5 (#1050)
 * Fix "gotcha" in network firewall configuration where pfSense guesses the wrong CIDR subnet (#1060)
 * Update the upgrade docs to refer to the latest version of the 0.3.x release series instead of a specific version that would need to be updated every time (#1063)
 
@@ -1144,7 +1144,7 @@ to minimize metadata that could be used for correlation
 ### Environment
 
 * Add egress host firewall rules
-* Add google-authenticator apache module and basic auth for access to
+* Add google-authenticator Apache module and basic auth for access to
 document interface
 * Encrypt bodies of OSSEC email alerts (add postfix+procmail to monitor
 server)

docs/backup_and_restore.rst

@@ -167,7 +167,7 @@ to update the corresponding files on the *Admin Workstation*:
 * ``app-journalist-aths``
 * ``app-ssh-aths``
 
-Once ssh access to the servers has been established (or if using ssh over
+Once SSH access to the servers has been established (or if using SSH over
 local network), Onion URLs for the *Source Interface* and *Journalist Interfaces*
 can be fetched using the installer:
 

docs/create_admin_account.rst

@@ -50,7 +50,7 @@ output like this:
 Passphrases include the spaces between the words, but not leading or trailing
 whitespace. Be sure to save this passphrase in the appropriate KeePassXC database.
 
-Once that's done, you should open the Tor Browser |TorBrowser| and
+Once that's done, you should open Tor Browser |TorBrowser| and
 navigate to the *Journalist Interface*'s .onion address. Verify that you
 can log in to the *Journalist Interface* with the admin account you just
 created.

docs/deployment/landing_page.rst

@@ -120,7 +120,7 @@ services intercept requests between a potential source and the SecureDrop
 
 Do Not Hyperlink .onion Addresses
 ---------------------------------
-Because a visitor to your *Landing Page* may not be using the Tor browser yet,
+Because a visitor to your *Landing Page* may not be using Tor Browser yet,
 clicking a link to your SecureDrop instance or to any other .onion address may
 result in an error message. Worse, depending on the browser and network
 configuration, it may cause lookups that an adversary can use to identify
@@ -134,7 +134,7 @@ Avoid Direct Links to SecureDrop.org
 
 We appreciate that you may want to link to `the SecureDrop website <https://securedrop.org/>`__
 to give *Landing Page* visitors more information about the system. Unfortunately,
-if a visitor visits these links without using the Tor browser, this generates
+if a visitor visits these links without using Tor Browser, this generates
 traffic that an adversary may be able to use to identify SecureDrop-related
 behavior, regardless of the use of HTTPS.
 
@@ -345,7 +345,7 @@ identity. Instead, use public wifi networks and devices you control.
 Once you are connected to a public network at a cafe or library, download
 and install the `Tor Browser <https://www.torproject.org/projects/torbrowser>`_.
 
-Launch the Tor Browser. Visit our organization’s unique SecureDrop URL at
+Launch Tor Browser. Visit our organization’s unique SecureDrop URL at
 **http://our-unique-URL.onion/**.
 Follow the instructions you find on our source page to
 send us materials and messages.

docs/deployment/whole_site_changes.rst

@@ -29,5 +29,5 @@ Suggested
 -  For publicly advertised SecureDrop instances display the Source
    Interface's Onion Service onion address on all of the organization
    public pages.
--  Mirror the Tor Browser and Tails so sources do not have to
+-  Mirror Tor Browser and Tails so sources do not have to
    visit `torproject.org <https://www.torproject.org>`__ to download it.

docs/development/release_management.rst

@@ -48,7 +48,7 @@ Pre-Release
          playbook.yml>`_ and open a PR.
 
       b. Run ``make fetch-tor-packages`` to download the new debs. The script uses
-         apt under the hood, so the Release file on the tor packages is verified according
+         apt under the hood, so the Release file on the Tor packages is verified according
          to Tor's signature, ensuring package integrity.
 
       c. Copy the downloaded packages into the ``securedrop-dev-packages-lfs`` repo,

docs/development/tips_and_tricks.rst

@@ -4,7 +4,7 @@ Tips & Tricks
 Using Tor Browser with the Development Environment
 --------------------------------------------------
 
-We strongly encourage sources to use the Tor Browser when they access
+We strongly encourage sources to use Tor Browser when they access
 the Source Interface. Tor Browser is the easiest way for the average
 person to use Tor without making potentially catastrophic mistakes,
 makes disabling JavaScript easy via the handy NoScript icon in the

docs/journalist.rst

@@ -47,7 +47,7 @@ Workstation*, ask your administrator for assistance before continuing.
           you will become increasingly comfortable with the process.
 
 To use the *Journalist Interface*, you will visit a Tor Onion Service address
-in the Tor Browser. By design, this Onion Service address is only accessible
+in Tor Browser. By design, this Onion Service address is only accessible
 from your *Journalist Workstation*; it will not work in Tor Browser on another
 computer, unless explicitly configured with an access token.
 

docs/network_firewall.rst

@@ -181,7 +181,7 @@ Connect to the pfSense WebGUI
 #. After a few seconds, the Unsafe Browser should launch. The window
    has a bright red border to remind you to be careful when using
    it. You should close it once you're done configuring the firewall
-   and use the Tor Browser for any other web browsing you might do on
+   and use Tor Browser for any other web browsing you might do on
    the *Admin Workstation*.
 
    |Unsafe Browser Homepage|
@@ -834,7 +834,7 @@ described as follows:
 * Allow UDP NTP from *Application Server* and *Monitor Server* to all
 * Allow TCP any port from *Application Server* and *Monitor Server* to all (this is needed for making connections to the Tor network)
 * Allow TCP 80/443 from *Admin Workstation* to all (in case there is a need to access the web interface of the firewall)
-* Allow TCP ssh from *Admin Workstation* to *Application Server* and *Monitor Server*
+* Allow TCP SSH from *Admin Workstation* to *Application Server* and *Monitor Server*
 * Allow TCP any port from *Admin Workstation* to all
 
 This can be implemented with iptables, Cisco IOS etc. if you have the necessary

docs/rebuild_admin.rst

@@ -397,7 +397,7 @@ Once the ``./securedrop-admin tailsconfig`` command is complete:
    the servers using ``ssh app`` and ``ssh mon``, accepting the host verification
    prompt if necessary,
  - and verify that the desktop shortcuts for the *Source* and *Journalist Interfaces*
-   work correctly, opening their respective homepages in the Tor Browser.
+   work correctly, opening their respective homepages in Tor Browser.
 
 Next, back up the servers by running the following command in the terminal:
 

docs/servers.rst

@@ -31,7 +31,7 @@ The installation media and the files required to verify it are available on the
 * `SHA256SUMS`_
 * `SHA256SUMS.gpg`_
 
-If you're reading this documentation in the Tor Browser on the *Admin
+If you're reading this documentation in Tor Browser on the *Admin
 Workstation*, you can just click the links above and follow the prompts to save
 them to your Admin Workstation. We recommend saving them to the
 ``/home/amnesia/Persistent/Tor Browser`` directory on the *Admin Workstation*,

docs/source.rst

@@ -26,7 +26,7 @@ USB flash drive, using cash. In any case you must then find a busy coworking
 place or cyber cafe you don't regularly go to and sit at a place with your back
 to a wall to avoid cameras capturing information on your screen or keystrokes.
 
-Get the Tor Browser
+Get Tor Browser
 -------------------
 
 Each SecureDrop instance has a publicly available *Source Interface:* a website
@@ -40,20 +40,20 @@ for anybody observing the network to associate a user's identity (e.g., their
 computer's IP address) with their activity (e.g., uploading information to
 SecureDrop).
 
-The easiest and most secure way to use Tor is to download the Tor Browser from
+The easiest and most secure way to use Tor is to download Tor Browser from
 the `Tor Project website`_. The Tor Browser is a modified version of the Firefox
 web browser. It was designed to protect your security and anonymity while
-using Tor. If there is a chance that downloading the Tor Browser raises
+using Tor. If there is a chance that downloading Tor Browser raises
 suspicion, you have a few alternatives, for example:
 
 * If your mail provider is less likely to be monitored, you can send a mail to
   [email protected] with the text "linux", "windows" or "osx" in the body
   (for your preferred operating system) and a bot will answer with instructions.
-* You can download a copy of the Tor Browser for your operating system from the
+* You can download a copy of Tor Browser for your operating system from the
   `GitLab mirror <https://gitlab.com/thetorproject/gettorbrowser/tree/torbrowser-releases>`__.
   maintained by the Tor team.
 
-While using the Tor Browser on your personal computer helps hide your activity
+While using Tor Browser on your personal computer helps hide your activity
 on the network, it leaves traces of its own installation on your local
 machine. Your operating system may keep additional logs, for example, of the
 last time you used Tor Browser.
@@ -108,7 +108,7 @@ main website's homepage (for news organizations, typically under sections called
 accepting submissions through SecureDrop in the `SecureDrop Directory`_
 maintained by Freedom of the Press Foundation.
 
-Using the Tor Browser, find the ".onion" address for the *Source Interface* of
+Using Tor Browser, find the ".onion" address for the *Source Interface* of
 the organization that you wish to submit to.
 
 .. tip::
@@ -119,7 +119,7 @@ the organization that you wish to submit to.
 
    If the two addresses don't match, please do not submit to this organization
    yet. Instead, please `contact us <https://securedrop.org/report-an-error>`__
-   through the SecureDrop Website, using the Tor Browser. For additional
+   through the SecureDrop Website, using Tor Browser. For additional
    security, you can use our .onion service address in Tor:
 
    ``secrdrop5wyphb5x.onion/report-an-error``
@@ -134,14 +134,14 @@ Browser to visit the organization's *Source Interface*.
 Making Your First Submission
 ----------------------------
 
-Open the Tor Browser and navigate to the .onion address for the SecureDrop
+Open Tor Browser and navigate to the .onion address for the SecureDrop
 *Source Interface* you wish to make a submission to. The page should look similar
 to the screenshot below, although it will probably have a logo specific to the
 organization you are submitting to:
 
 |Source Interface with Javascript Disabled|
 
-If this is the first time you're using the Tor Browser, it's likely that you
+If this is the first time you're using Tor Browser, it's likely that you
 have JavaScript enabled and that the Tor Browser's security level is set
 to "Low". In this case, there will be a purple warning banner at the top of
 the page that encourages you to disable JavaScript and change the security

docs/test_the_installation.rst

@@ -7,8 +7,8 @@ Test Connectivity
 SSH to Both Servers Over Tor
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Assuming you haven't disabled ssh over tor, SSH access will be
-restricted to the tor network.
+Assuming you haven't disabled SSH over Tor, SSH access will be
+restricted to the Tor network.
 
 On the *Admin Workstation*, you should be able to SSH to the *Application Server* and the *Monitor Server*. ::
 
@@ -60,7 +60,7 @@ Test the Web Interfaces
 #. Make sure the *Source Interface* is available, and that you can make a
    submission.
 
-   - Open the *Source Interface* in the Tor Browser by clicking on its desktop
+   - Open the *Source Interface* in Tor Browser by clicking on its desktop
      shortcut. Proceed through the codename
      generation (copy this down somewhere) and submit a
      test message or file.
@@ -70,7 +70,7 @@ Test the Web Interfaces
 #. Test that you can access the *Journalist Interface*, and that you can log
    in as the admin user you just created.
 
-   - Open the *Journalist Interface* in the Tor Browser by clicking on its desktop
+   - Open the *Journalist Interface* in Tor Browser by clicking on its desktop
      shortcut.  Enter your passphrase and two-factor code to log in.
    - If you have problems logging in to the *Admin/Journalist Interface*,
      SSH to the *Application Server* and restart the ntp daemon to synchronize

docs/threat_model/mitigations.rst

@@ -58,7 +58,7 @@ Countermeasures on both *Source* and *Journalist Interfaces*
 -  All source submissions are encrypted with GPG at rest using the airgapped *Submission Key*
 -  *Interface* sessions are invalidated after a user logs out or inactivity over 120 minutes
 -  Session control on *Interface* includes CSRF token in Flask Framework
--  All *Interface* session data (except language and locale selection) is discarded at logout, and fully deleted upon exiting the Tor Browser
+-  All *Interface* session data (except language and locale selection) is discarded at logout, and fully deleted upon exiting Tor Browser
 -  A number of mitigations are in place as protection against malicious input vulnerabilities on the Source and Journalist Interfaces:
 
     - X-XSS-PROTECTION is enabled