Update for 12-01-22 00:30

tech/cia-do-dont.wiki

@@ -46,3 +46,24 @@ This is the CIA list of dos and donts.
 * DO document disk forensic footprint that could created by tool
 * DONOT read, write, or cache data to disk for no reason
 * DONOT write plain text collected data to the disk
+* DO encrypt all data written to disk
+* DO utilize a secure erase when removing a files from disk that also wipes
+  filename, datetime stamp, and contents
+* DO perfom at least a single pass of zeros over the content of the file
+* DONOT perform disk IO operations that will make the system unresponsive
+* DONOT use a magic header or footer
+* DONOT use hard-coded filenames or filepaths. These must be configurable at
+  deployment time by the operator
+* DO have a configurable max size limit or output file count for writing files
+
+== Dates/Time ==
+
+* DO use GMT/UTC/Zulu
+* DONOT use US-centeric timestamps
+* DO use YYYYMMDD instead
+
+== PSP/AV ==
+
+* DONOT assume free versions of PSP is the same as retail PSP. Test on all
+  versions in a sandbox
+* DO test PSPs with recently live internet connections when possible

tech/security.wiki

@@ -6,7 +6,7 @@ Tools useful for security, either offensive or defensive
 
 Hiding information
 
-[[cia-do-dont]]
+* [[cia-do-dont]]
 
 === Ciphers ===