Quality of Life.md

@@ -38,27 +38,15 @@ Lenovo ePrivacy can be controlled through `/proc/acpi/ibm/lcdshadow`. I use the
 - F6: `sudo bash -c 'echo 0 > /proc/acpi/ibm/lcdshadow'`
 
 ### FIDO2 policies
-The GUI configurator are missing 2 important policies needed for FIDO2 to work correctly, namely `ctap.GetInfo` and `ctap.ClientPin`.
+The GUI configurator are missing 2 important policies needed for FIDO2 to work correctly, namely ctap.GetInfo and ctap.ClientPin.
 
 Personally, I created `/etc/qubes/policy.d/50-ctap.policy` (note that I don't touch `/etc/qubes/policy.d/50-config-u2f.policy` to avoid it being overwritten by the GUI tool):
 
 ```
-ctap.GetInfo    *  microsoft-edge  sys-usb  allow
+ctap.GetInfo    *  microsoft-edge  sys-usb  allpw
 ctap.ClientPin  *  microsoft-edge  sys-usb  allow
 ```
 
-### Split GPG
-The GUI configurator is very broken so I don't use it. Instead, I write my own policy at `/etc/qubes/policy.d/50-gpg.policy`
-```
-qubes.Gpg  *  thunderbird  vault  allow
-```
-
-Note that I just use allow here, because the vault VM on a new Fedora 41 already prompts for confirmation, so I don't wanna have to answer yet another prompt from dom0.
-
-### Trivial data exfiltration prevention
-
-One trivial way for malicious applications to exfiltrate data from an offline VM is to open a link in a disposable VM with a payload. To prevent this, open the VM settings, go to advanced and set the default disposable template to none.
-
 ### Bitwarden & Element Flatpak
 
 These apps require the keyring to be created first to work properly. Simply open a browser like Microsoft Edge and set an empty password for the keyring before using them.