Feat: doc updates

diff --git a/index.md b/index.md
index 885804d96ded992fa27168693fb1dc8944fb1a54..59837fe8067a5e7e0a89048b3f2ac554536219e4 100644 (file)
--- a/index.md
+++ b/index.md
@@ -14,8 +14,7 @@ attacks](https://en.wikipedia.org/wiki/Evil_maid_attack).
 - License: [GPLv3+](LICENSE).
 - Contact: rhatto at riseup.net.
 
-Design
-------
+## Design
 
 The user has at least one USB thumb drive which will be used to boot multiple
 operating systems in multiple machines for multiple different projects/farms
@@ -26,15 +25,13 @@ The `bootless` application wraps around `grub-mkrescue` to create a USB
 bootdisk with preloaded custom configuration and optional kernel and initramfs
 images.
 
-Dependencies
-------------
+## Dependencies
 
 - [GNU Grub](https://www.gnu.org/software/grub/).
 - Reference implementation is targeted to Debian like operating systems.
 - Optionally use git and [git-annex](http://git-annex.branchable.com/) to manage your repository and images.
 
-Installation
-------------
+## Installation
 
 Don't want to install another piece of software and prefer to build a bootless
 rescue disk yourself? Then read about the [barebones tutorial](tutorial).
@@ -53,8 +50,7 @@ you might have available on your shell.
 You can optionally add the `bootless` script it to your `$PATH` environment
 variable or package it to your preferred distro.
 
-Workflow
---------
+## Workflow
 
 Initialize:
 
@@ -72,14 +68,12 @@ Check device/image signatures:
 
     bootless check <folder> <device>
 
-Customization
--------------
+## Customization
 
 - Place your custom images into `custom` folder.
 - Edit `custom/custom.cfg` to suit your needs.
 
-Threat Model
-------------
+## Threat Model
 
 ### Does bootless mitigate all types of Evil Maid attacks? No.
 
@@ -124,8 +118,14 @@ Again:
    solution like Edward Snowden's [Haven](https://guardianproject.github.io/haven/)
    or even always stay with your
    [TPC - Trusted Physical Console](https://web.archive.org/web/20180914153944/http://cmrg.fifthhorseman.net/wiki/TrustedPhysicalConsole).
+   See also this [short video HOWTO](https://twitter.com/BlackAlchemySo2/status/1378565221879529472).
 
 5. When turning on your machine, make sure that the ethernet and wireless
    networks are switched off (this could be done by removing cables, antennas
    or switching the "rfkill" button in laptops), preventing any bootloader exploit
-   that broadcasts keystrokes.
+   that to broadcast keystrokes.
+
+6. Implement "Physically Unclonable Functions" at your device:
+    * [Thwarting Evil Maid Attacks](https://media.ccc.de/v/30C3_-_5600_-_en_-_saal_1_-_201312301245_-_thwarting_evil_maid_attacks_-_eric_michaud_-_ryan_lackey#t=2616) (30C3).
+    * [Don't Want Your Laptop Tampered With? Just Add Glitter Nail Polish](https://www.wired.com/2013/12/better-data-security-nail-polish/).
+    * [Home-made tamper-evident security seals for kids and adults alike](http://blog.ssokolow.com/archives/2017/04/08/home-made-tamper-evident-security-seals-for-kids-and-adults-alike/).