From 42be6310237bdb663f38982b221327a337251e0a Mon Sep 17 00:00:00 2001 From: Patrick Schleizer Date: Sun, 5 Nov 2023 14:54:05 -0500 Subject: [PATCH] readme --- README.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a88b7f3..c117f10 100644 --- a/README.md +++ b/README.md @@ -228,10 +228,20 @@ vulnerabilities such as CVE-2019-14899. * In addition, we deny the capability to track the originating device in the network at all, by using randomized MAC addresses per connection per default. +See: + +* `/usr/lib/NetworkManager/conf.d/80_ipv6-privacy.conf` +* `/usr/lib/NetworkManager/conf.d/80_randomize-mac.conf` +* `/usr/lib/systemd/networkd.conf.d/80_ipv6-privacy-extensions.conf` + ## Network & Bluetooth hardening -* Not done yet, pending, see: https://github.com/Kicksecure/security-misc/pull/145 - * planned: Bluetooth is left enabled but users are highly discouraged from ever turning it on, due to its history of numerous security vulnerabilities. Unlike the default settings, we start the system with bluetooth turned off. We also enforce private addresses and strict timeout settings for discoverability and visibility. +* Bluetooth is left enabled but users are highly discouraged from ever turning it on, due to its history of numerous security vulnerabilities. Unlike the default settings, we start the system with bluetooth turned off. We also enforce private addresses and strict timeout settings for discoverability and visibility. + +See: + +* `/etc/bluetooth/30_security-misc.conf` +* https://github.com/Kicksecure/security-misc/pull/145 ## Entropy collection improvements
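Review bot: In the rewritten bullet under "## Network & Bluetooth hardening", "Bluetooth is left enabled" and "we start the system with bluetooth turned off" read as contradictory now that the "planned:" qualifier is gone. State which part remains enabled and which is off at boot, and capitalize "Bluetooth" consistently. The bare link to pull/145 in the new "See:" list has lost its "pending" context, so a reader cannot tell whether it is the origin of a shipped change or still open work; a few words next to the link would settle that. Both "See:" lists name config files without saying which claim each one backs. A short annotation per path (which file sets the randomized MAC addresses, which one enforces private addresses and the discoverability and visibility timeouts) would let a reader verify the hardening against the file. The heading still says "Network", but after this change the section body covers only Bluetooth.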