How Do YOU Establish a Secure Computing Environment?
sneakyimp writes "We've seen increasingly creative ways for bad guys to compromise your system like infected pen drives, computers preloaded with malware, mobile phone apps with malware, and a $300 app that can sniff out your encryption keys. On top of these obvious risks, there are lingering questions about the integrity of common operating systems and cloud computing services. Do Windows, OSX, and Linux have security holes? Does Windows supply a backdoor for the U.S. or other governments? Should you really trust your Linux multiverse repository? Do Google and Apple data mine your private mobile phone data for private information? Does Ubuntu's sharing of my data with Amazon compromise my privacy? Can the U.S. Government seize your cloud data without a warrant? Can McAfee or Kaspersky really be trusted?
Naturally, the question arises of how to establish and maintain an ironclad workstation or laptop for the purpose of handling sensitive information or doing security research. DARPA has approached the problem by awarding a $21.4M contract to Invincea to create a secure version of Android. What should we do if we don't have $21.4M USD? Is it safe to buy a PC from any manufacturer? Is it even safe to buy individual computer components and assemble one's own machine? Or might the motherboard firmware be compromised? What steps can one take to ensure a truly secure computing environment? Is this even possible? Can anyone recommend a through checklist or suggest best practices?"
Simples! (Score:5, Interesting)
Optical TEMPEST (Score:3)
Re: (Score:2)
Re: (Score:3)
Syn attacks might cause a buffer overflow and a root, but it's unlikely. It depends on the genre of the TCP stack and what service is being slaughtered in the stack. What it does do is chew up resources.
A Syn attack is just as much of a security issue as not parsing get/posts and blowing up an httpd. The job is to take someone offline or crash them intentionally, or root them, or make them cough data (that might be resold). Any DoS attack is a security problem because an asset is removed from production.
Syn at
Re: (Score:2)
I don't consider uptime a security issue. I understand that's not a popular opinion, but lumping usabil
Re: (Score:2)
Which I believe your central fallacy is about. Systems produce work that serves a purpose, most often: making money.
When a system is unavailable, it's not doing work, probably not making money. Data also has an asset value, we'll both agree. Data theft is but one security problem, albeit a large one. Pushing systems offline or tying them up in DoS attacks of any kind, is also production loss.
There are many ways to foist an attack, and a few ways to get around them, depending on the nature of the attack. But
Re: (Score:3)
No, to be truly secure, you put it in a room with no windows, make sure the computer is unplugged, lock the door with a lock that has no key, and you're done.
This sounds harsh, but when you consider that the biggest problem of securing computers is the user that uses it, accidentally or purposely, just say no to the user.
Re:Simples! (Score:5, Funny)
It's well-known that removing Windows makes your computer more secure.
Re: (Score:2)
It's well-known that removing Windows makes your computer more secure.
And if you don't replace it with any other OS, you've pretty much maximized your security.
Re: (Score:2)
No, to be truly secure, you put it in a room with no windows, make sure the computer is unplugged
It's not truly secure though. You will never own a perfectly secure system.
A computer system is only secure if it provides sufficient assurance of required confidentiality, availability and integrity of the data; if any of the 3 criteria are not able to be sufficiently assured, then the system is insecure.
Unplugging the computer, addresses the 1st standard criteria for assessing security: confidential
Re: (Score:2)
Re: (Score:2)
Make sure the storage is not only sealed inside the computer but that its contents can be destroyed at the touch of a button AND that the contents self-destruct if the door to the room opens while the computer is powered on.
Sounds like a built-in security weakness. You're forgetting, that security includes availability, not just confidentiality and integrity. If the system causes your data to become permanently unreadable, then that event is a breach of security, because availability of the data has b
Re:Simples! (Score:4, Insightful)
Re: (Score:2)
>> Also keep it in a faraday cage
Put that in a lead (at least 1" thick) box, and fill that with epoxy resin or concrete, remove M$ and replace with OpenBSD, have the disk 265-bit AES encrypted with the separate home folders encrypted as well. Make sure that there is a BIOS password, get REALLY drunk and change all the passwords so you can't remember them the next day, ship it to Mercury and bury it there ten feet deep.
Re: (Score:3)
If you want a secure computing environment, don't connect your computer to anything! Also keep it in a faraday cage, and make sure the power supply lines are filtered so they can't carry signals out through the cage.
When I did military contracting, we did exactly this. (The room was also windowless.) The machines were used for code generation, so most often the data would *leave* the room rather than enter, (and there was an entire security protocol for that) so no LAN or portable storage was required. On the few times when data had to enter the room, it did so on disk packs (this was awhile ago) that had been vetted through a fairly complicated process.
Exactly once, the computers in the sealed room had to be connec
Re: (Score:2)
When I did military contracting
So ... how does it feel, knowing you were Satan's Little Helper?
(the military-industrial complex is the closest thing to an actual Devil in existence. marketing is a close second. i assume your Dark Master rewarded you well?)
I did ok.
Re: (Score:2)
And was your "faraday cage" truly a functioning faraday cage???
I once sat next to a guy who told me something similar as you tell it and he said to me the "cleaners" would use some crap walkie-talkie to communicate. Apparently the "faraday cage" was more a dog-and-pony cage to impress idiots and shaft the taxpayer.
Hello to John M.
Frank G.
I don't know. We were told it was, and checking it wasn't my job. I observed that it was a metal door with a flexible metal seal all the way around. Other than that, I didn't think about it.
Re: (Score:2)
And was your "faraday cage" truly a functioning faraday cage???
I once sat next to a guy who told me something similar as you tell it and he said to me the "cleaners" would use some crap walkie-talkie to communicate. Apparently the "faraday cage" was more a dog-and-pony cage to impress idiots and shaft the taxpayer.
Hello to John M.
Frank G.
Shrug. It could have been. Stuff like that definitely occurred.
Re: (Score:2)
Not sufficient. No computer is secure if it's in any way accessible, operable, even a computer buried underground, with no direct access is secure.
In practice however?
Just operate within a reinforced concrete and steel building, ie. a warehouse, signals get so weak that barely modern cell phones work, and you can forget data for the most part, even if there is just 1 layer of blockade. If you have physical security around no one can get close enough to get reliable signal through, especially if you place co
No input, no net connection. (Score:3)
Re: (Score:2, Informative)
Secured and monitored a single site 24/7 using motion and a wireless camera. Uploaded images live to a cache on the LAN through which the data immediately went to redundant cloud storage services in countries with redundant systems of legal process.
Separated data streams in the local network and the clouds to inform me of unscheduled motion. Used email and one cloud service over G3 with fallback to GPRS and WiFi.
On a daily basis reaffirmed that the system continued to operate. Monitored and secured the site 24
Re: (Score:3)
> Slept well.
wait.
Make it yourself (Score:5, Funny)
Re: (Score:2)
Yes. (Score:5, Informative)
Yes.
Does Windows supply a backdoor for the U.S. or other governments?
Yes.
Should you really trust your Linux multiverse repository?
No.
Do Google and Apple data mine your private mobile phone data for private information?
Yes.
Does Ubuntu's sharing of my data with Amazon compromise my privacy?
Yes.
Can the U.S. Government seize your cloud data without a warrant?
Yes. (The U.S. government can do anything. Your only recourse if they do something wrong is to sue them. Suing them typically takes years of time and hundreds of thousands of dollars for you. Thus, in a practical sense no one really has any firm rights any longer because the system in charge of correcting breaches to those rights is not accessible or swift for an average citizen using it.)
Can McAfee or Kaspersky really be trusted?
No.
Naturally, the question arises of how to establish and maintain an ironclad workstation or laptop for the purpose of handling sensitive information or doing security research. DARPA has approached the problem by awarding a $21.4M contract to Invincea to create a secure version of Android. What should we do if we don't have $21.4M USD?
Use FreeBSD or other extreme minority operating system.
Is it safe to buy a PC from any manufacturer?
Not any, but likely most.
Is it even safe to buy individual computer components and assemble one's own machine?
Again, usually it would be. It seems like software is typically the vector of attack. Hardware much less often comes with built-in vulnerabilities.
Or might the motherboard firmware be compromised?
Less likely than the OS, but remotely possible from some manufacturers.
What steps can one take to ensure a truly secure computing environment? Is this even possible?
Don't connect your computer to the Internet. Even if the OS is hacked, the motherboard firmware is hacked and the hardware itself is hacked, it doesn't matter if nobody can access it but you.
Can anyone recommend a through checklist or suggest best practices?
http://lmgtfy.com/?q=secure+hardware+and+software+computing+checklist [lmgtfy.com]
__
Re:Yes. (Score:4, Insightful)
Is it safe to buy a PC from any manufacturer?
Not any, but likely most.
Is it even safe to buy individual computer components and assemble one's own machine?
Again, usually it would be. It seems like software is typically the vector of attack. Hardware much less often comes with built-in vulnerabilities.
Probably not at all, and it's one of those things I have spoken about for 2 decades. What we see in software attack vectors is just because it's easy and known to be easy. Outsourcing our hardware manufacturing to overseas has opened new doors to hardware compromise. This is in addition of course, to what your own government injects as back doors in to hardware.
Think of the simple: All NIC drivers see a specific code in a buffer and shut down. Do you realize how much damage this would cause if lets say China decides to hit the US with a cyber attack? Worse, all your CPUs go into overclock and burn themselves up, mother boards draw too much power and burn up. This of course could cause fires, as well as the obvious damage to the computer.
Thing is, we simply don't know what has been done to hardware. Just because you don't see hacks does not mean that they are there, just that you have not seen them.
Does that mean you should live in a shoebox? Hardly, at least in my opinion. Business as usual until something happens, no reason to live paranoid. But expect that even the hardware you buy opens back doors, fails, or starts fires if someone so wishes. Nope, I have no trust for anything under "government" control.
Re: (Score:2)
Re: (Score:2)
Ninjas (Score:3, Funny)
Nobody but me gets to my abacus!
Re: (Score:3)
You have to check out those full-HD abacuses now... 1920x1080 makes them real nice for working with really big numbers... :)
Easy... (Score:3)
I've got a VM that I run on Windows 2000. That OS is no longer patched by Microsoft so I don't want to expose it to the internet. I turned off all the networking protocols and shut off all the services that have to do with I/O. If I open a browser the only site it will connect to is a server I have running inside the VM, which requires a password. I turned off the network shares so there's no chance of getting an infected file from the host machine. The only way to write a file to it is via a USB drive and I scan those before I connect it.
The OS runs great and, with all those unnecessary services turned off, quickly as well.
Re: (Score:2)
Re:Easy... (Score:5, Funny)
Weigh your options (Score:5, Insightful)
You have to achieve a personal balance between functionality and security. Security and functionality are inversely proportional. For the average user, having a login password will be enough. If you are storing private data, like tax returns and financial documents, encryption is a good idea. A Truecrypt container with a strong password (16+ characters, upper and lower case letters, numbers, and symbols) will suffice.
If you are of the moderately paranoid group (like me), then FDE, private browsing, and a SSD with TRIM capable motherboard/OS will be enough. If you believe the NSA is watching you, then try taking your meds and refer to the moderately paranoid measures.
Re: (Score:3)
> If you believe the NSA is watching you, then try taking your meds and refer to the moderately paranoid measures.
In the unlikely event that the NSA or other similar organisation is watching you; if you have to ask /. for security tips, you've gone terribly, terribly wrong somewhere.
Re: (Score:2)
> If you believe the NSA is watching you, then try taking your meds and refer to the moderately paranoid measures.
The NSA watching and you hoping to evade is a no-win scenario. The NSA watches everyone's comms, possibly. But if they have a reason to want to watch you specifically, as a government agency, their vast resources are sufficient that you are not going to hide.
In this day and age, they are likely able to deploy insect-sized drones to video your every move.
One or two commonl fly shaped
Re: (Score:2)
I agree whole heartedly. The security curve is an asymptotic one. You'll never reach secure. The biggest security risk in any system (computer system or non-computer system) is the person sitting at the desk. This is why secretive government agencies like the US DoD don't let anyone use a DoD computer until they've background checked and taken the requisite training classes.
This is Slashdot. Naturally, there will be amazing advice about elite encryption and protecting your most secretive plans from gov
Re: (Score:2)
In regards to DoD security, it is a complete joke. While their sensitive networks are (relatively) secure, their public network security is a joke. So is the training. Here's why.
A few years back my unit had to complete some mandatory online computer training. First, the Platoon Sergeant had the answers printed out that would give you a passing grade. Second, the computers went down a few days before the deadline, and came back up on the day of the deadline. So I received the order from my Commander,
10 for style, 2 for brains (Score:2)
Re: (Score:2)
Odds are that the NSA is already "watching" you. They're just not paying attention to the collected data until you spark their interest.
"Secure enough" is "good enough" (Score:3, Insightful)
The Ninja post was a joke with a point: It's practically impossible to do "secure computing" unless you are an island unto yourself.
The better question is:
What level of security is "cost effective" for you?
I'll give my answer as a reply.
My answer Re:"Secure enough" is "good enough" (Score:5, Insightful)
This is about my personal computing, but I would apply the same general principles to other non-critical environments.
What's the worst thing that could happen to my computers? Someone sneaks into my home and installs a hidden camera to catch everything that's on the screen and all keyboard input, AND they somehow install something to log all network traffic and become the man in the middle when they want to.
How likely is this? Unless the feds confuse me with a terrorist and do this with a warrant, it's exceedingly unlikely.
What are some other "high-loss" risks?
* Virus that encrypts my computer and holds it ho$tage
* Virus installs a keylogger that captures an email login, banking credentials, etc. and uses them to impersonate me in a very bad way. "Hi, this is your bank. Your wire transfer to OFFSHOREBANK was processed this morning. This is just a call to remind you of a low-balance fee if sufficient funds are not deposited by the end of the day. Thank you."
* Fire or other calamity that physically destroys my computers, and things a lot more important than my computers.
So here's the big question:
What are the security vulnerabilities I can mitigate cheaper than the "cost" of just not having a network-attached computer at all?
* Fire/theft/physical loss. Mitigated/prevented by backups, casualty insurance, fire extinguishers, etc. .TXT, TAB- and comma-delimited simple spreadsheets, .GIF and .JPEG images, and some versions of PostScript and PDF files are among the many formats that will likely be easily readable 10 or 20 years from now assuming the media is still readable or that the file has been copied to new media before it became unreadable. Human-readable paper printouts, photographic slides, and photographic negatives are also pretty much immune from becoming technologically obsolete in my lifetime, but they require large amounts of space and a certain amount of care. Paper and especially film also decay over a 10-100 year time frame.
* Theft: Good encryption and good passwords. Pray the thief or his buyer isn't a forensics expert.
* Malware. Mitigated/prevented by backups, low-cost ("$50+tax with $50 mail-in rebate!") security software, "safe-surfing" habits (script-blocking, etc.), 2-way firewalls on the computer and network gateway/router, etc.
* Legal government intrusion: Mitigated/prevented by living in a relatively free country. Cannot be eliminated.
* Illegal/rogue government or ISP intrusion: Mitigated/prevented by living in a relatively free country that can and sometimes will throw individuals responsible in jail. Work on the assumption that this cannot be eliminated.
* WiFi intrusion on my home net: Mitigated by strong encryption and a good pass-phrase and a WiFi Router vendor that I trust.
* WiFi spoofing: Unknown risk. Other than keeping the password secure and avoiding algorithms that are known to be vulnerable, I don't attempt to mitigate or prevent this.
* Public WiFi hotspots: Compute with care, avoid using them unless absolutely necessary. Prefer my cell phone's "G3/G4" instead of an insecure or secure-but-untrusted hotspot.
* WiFi- and Bluetooth-based attacks: Turn off WiFi when not in use. Don't allow connections in or out without my permission.
* Backup failure: Test backups. Have multiple backups in multiple formats from multiple points in time.
* File format obsolescence: Have really important stuff in formats that will likely outlive the usefulness of the data.
Bottom line:
* If I lose everything I have on my computer, it won't drive me to suicide.
* The very important stuff is backed up in multiple places including offsite and in multiple formats.
* The medium-important stuff is backed up.
* If I can prevent a large amount of likely damage at a low cost, I'll do it.
* If I can't afford to lose it, I can't afford to NOT insure against loss.
"security" (Score:4, Interesting)
The term "secure" here is used in a somewhat misleading manner; there's nothing that could possibly be absolutely "secure" in this world, ever.
We should always ask only what amount of security the environment provides. In terms of money.
Re: (Score:2)
True, but I think the OP was talking about something that was connected to the outside world/internet.
The truth, though, is that nothing connected to the outside world will ever be secure. At best you minimize your damage. But you can absolutely ensure that users don't do as many stupid things. For instance, you can disable the USB ports and remove the CD and floppy drive from your machines. Then just run them as terminals. No issues with flash drives or CDs. Then you can of course nuke all intern
Re: (Score:2)
Of course the biggest problem most corporations face even going back to the start of computing is do you trust your administrators? If they don't then I suggest a couple of bricks and a nice cave (paintings optional).
Unplug (Score:4)
Re: (Score:2)
I'm pretty sure unplugging gets you put on one of the extra special lists.
linux (Score:5, Informative)
Re:linux (Score:4, Interesting)
My experience as well.
So far, in the last 8 years it gave me excellent results.
We all know 99%+ of the generic malware out there is crafted to break in Windows setups.
The amount is so vast it's only a matter of time, you *will* be hit.
But once you take the target out of the equation, the rest is much, much easier to manage.
Once I realized this, I stopped recommending Linux to random folks: the more people keep using Windows, the more *I* am secure.
And, at the end of the day, this is the only thing that matters to me.
Re: (Score:2)
Where did he say it would?
Re:linux (Score:5, Insightful)
Oh right linux makes you immune from things like buffer overflows or user assisted attacks.
Nice strawman there. ;-) Of course it doesn't. But its open-source nature greatly increases the chances that 1) backdoors will be discovered by interested geeks and removed, and 2) people other than employees of the vendor will be able to fix problems quickly.
I ran across a case of this a while back, when I got a message from one of djb's team telling me how to exploit a security hole in a program used by one of my web sites. I tried it, the exploit succeeded. I opened up the code, found the problem (and a couple more related to it), fixed them, verified that the exploit no longer worked, and sent a letter thanking the guy for the info.
With closed-source software, I couldn't have done any of this. I'd have had to report it to the code's owners, and try to talk them into fixing it. If they decided to fix it (which isn't guaranteed), it would typically take months, during which time my site would have been vulnerable.
I also sent a description of the exploit, along with my patches, back to the code's author, who sent me a letter of thanks, and a day later I saw the message he'd sent to all his known users announcing the "security upgrade" that fixed the problem. The total time for this was under 3 days, which is orders of magnitude faster than most security fixes from commercial closed-source vendors.
Yeah, unix/linux and other open-source systems are vulnerable. But they're so much better at fixing problems that you'd have to be rather gullible to depend on software that doesn't supply this sort of response capability.
(And yes, I understand that most of the buying public is rather gullible. The commercial world depends on that, y'know. I also understand the argument that most people wouldn't know what to do with source code, but I consider this argument bogus. It means that you deny access to people like me, who are able to understand the code and fix it. I've done this many times during my career. You should be encouraging people like me, by making sure we can get at the code to your software. ;-)
Critical Security Steps (Score:3)
2. At a minimum flash your motherboard's firmware to something trusted or written yourself
3. Write your own anti-virus
4. Run ethernet wire to trusted locations (make sure it's outdoor grade wire)
5. Install security cameras at trusted locations and filter everything from them via DPI.
6. Surf mass pron off a random trusted location.
Re: (Score:2)
You should write the OS and firmware in such a way as to mitigate the need for an anti-virus. I'd suggest you use commodity FPGA solutions and load up a system on chip coupled with external DDR3 ram and external GPU for heavy lifting. There's an open hardware solution if you can trust the chip makers. Your OS should run on those fine.
Blocking ingress by anything that can carry a viral payload.
Tempest is your friend learn it, nothing goes in or out without encryption, shield it all.
You can no longer use goog
Re: (Score:2)
You are China.
Re: (Score:2)
There is no security against paranoia (Score:5, Insightful)
lock it down, scan everything (Score:2)
lock all your computers down. physically check them before they connect to the network. install DLP and other software to disable all ports. kill any unused port on your switches. allow only approved TCP ports in and out of your network. scan everything with application layer appliances and switches
At some point there is no escape of trust (Score:4, Insightful)
Re: (Score:2)
set up two systems.... (Score:2)
one as a decoy and the other where you have your security.
Can't answer that without a threat model. (Score:3)
My "computing environment" is quite adequately secure against my threat model which is limited to criminals who might want my secret banking information. Yours might include the NSA or even Bruce Schneier.
Old Questions.... off my lawn! (Score:2)
What this gets down to, even starts heading down that path right in the question, was covered by Ken Thompson in the classic paper "Reflections on Trusting Trust": http://cm.bell-labs.com/who/ken/trust.html [bell-labs.com]
There are some good questions in there but the rathole it's starting to go down is not helpful. You need to look at what secure means to you first. What are the use cases for the environment? What does the environment need to allow? What should it not allow? Why? Answer those, and the path forward will be
If you're paranoid enough to ask those questions (Score:2)
If you're paranoid enough to ask those questions, then I'd suggest an air-gapped computer. Anything you want to install on it use a USB stick, so what if it has or installs a backdoor? There's no way to talk to that backdoor anyway. Unless you think somebody is going to create a custom trojan to infect the machine, extract whatever it wants and store it on the USB stick, then upload it to the mothership next time you plug it into an Internet-enabled computer. But if that's a concern you should probably put
Good grief... (Score:2)
No matter how secure the OS is, no matter what security apps you are running; I am sure that you will find a way to bypass all that security and suffer an exploit.
security? no. (Score:2)
any machine that has been used can be compromised. just like your living room, if a thug REALLY wants to get in, they will.
your task, therefore, gentlemen, is to be as frikkin BORING as possible. please to start with best Star Trek captain. nobody will bother you then.
Re: (Score:2)
That's why part of my home security system is a 70kg (150lbs for you yanks) CRT TV. A burglar would steal my neighbours LCD before they steal my antique.
Re: (Score:2)
I can see that a 70kg TV would make an excellent home defense system. Just suspend it above the door and rig it to fall on anyone who opens the door without disarming the trap first.
Layers (Score:3)
Layer 1 (most secure): strictest confidential information, for storage purposes only. system locked metal room with no windows and no internet, system locked in cage with access to display, keyboard, mouse, and drive, all data read/written to drive is permanently logged, connected to layer 2 via sneaker-net.
Layer 2: strictest confidential creation and reference. internal LAN only systems, user endpoints are read only and contain no drives or usb. server is in locked room with limited access and contains files accessed by users, as well as user endpoints with write capability, connected to layer 3 via sneaker-net.
Layer 3: confidential creation and reference. internal LAN with write ability to files, temporarily read only network connectable to layer 4 via password.
Layer 4: normal productivity with confidential read access. normal internet connected network, usb and drives on centrally located system controlled by admin, all io logged.
If seriously (Score:2)
Use at least 2 operating systems, at least 2 browsers, at least 2 office applications, etc. Because if there is one and only one monopoly software or hardware vendor, it is much easier for it to get corrupted. A realistic competition is the best measure against corruption.
Yo
Re: (Score:3)
Use at least 2 operating systems, at least 2 browsers, at least 2 office applications
So you spend twice as much managing it all?
So you have twice the attack surface?
So you have two OS's exploits to defend against?
So you have two browsers with different security issues to keep patched?
So you have two office suites to fix as well?
So you're a smaller customer to different vendors, so they care less about your complaints?
Please explain how the risk to Machine A is changed by Machine B having the same or different hardware or software.
Re: (Score:2)
The point is to keep afloat both. The fundamental principle of dualism.
Re: (Score:2)
Can I have what ever it is you're smoking?
Not too hard.. (Score:2)
1 - Reload all computers that come in the door with *your* load. Lock down the OS; users don't need to be installing things. That's your job.
2 - Lock down hardware to prevent things like USB from working
3 - GPO ( or equivalent on *nix)
4 - Monitor monitor monitor... Both at the PC level and network.
5 - No BYOD..
What's a through checklist? (Score:2)
Is it anything like a thorough checklist?
Reasoned Paranoia (Score:2)
You have to start with the position that no OS, network, or configuration is ever going to be 100% secure. If the system is accessible by someone via some means, it has at least one vulnerability.
This is why blanket questions as asked in the original posts are worse than useless. Asking if certain OSes have vulnerabilities (they do) is a waste of time. Looking for bogey-men like government backdoors or vendor/service providers is equally useless: either they exist and you can't do anything about them, or th
Need a safe computer? (Score:2)
Some custom design needed (Score:2)
First of all start with parts which are proven to be reliable. For example Linux or OpenBSD.
Then think of your security risks. What is your problem? Do you not want your data to get out? Do you want to provide services even if the world ends? Those are all different kinds of problems requiring different solutions.
Then get your processes straight. How do you install software? If it's google X free download, click on the first link and download it to install it, you might want to re-think them. Who has access
get psychiatric help (Score:3, Informative)
You don't need computer security, you need psychiatric help, seriously. I've known people with paranoid delusional conditions before. Talk to a psychologist about getting help and make sure you take care of your mental health. You really, really don't want to end up on the street where your mental health spirals out of control.
If you're not willing to work with that, then I suggest you keep a few practical thoughts in mind:
The FBI doesn't care about your porn habits unless they involve underage kids.
The CIA could care less about you unless you're working on behalf of a foreign government, and even then probably not.
The NSA considers you a civil matter.
If you're in another country, simply substitute your local government agency for the right one.
Frankly if you were working for anybody that the CIA, NSA etc actually cared about you would be getting professional advice from your employer, and not by asking Slashdot. You sound like a young person thinking about becoming a script kiddie or someone with delusion of prosecution over warez trading and porn surfing. The comment is quite sincere, you need to seek help from a mental health professional.
Re: (Score:2)
I take it you have never known someone that has paranoid delusions in your life. If you had experience with something like ADHD and met someone that was suffering from it you may well take a moment to talk to them about it. There's nothing funny about someone suffering from mental illness and not getting the help they need.
This wasn't a 'nerdish' question, this was someone who was so naive as to get people to start talking about making your own CPUs etc, etc, etc.
A 'nerdish' question along the same lines mi
A reasonable compromise (Score:3)
I'm going to assume that this is a serious question, if slightly fuzzily worded. And that what you want is the best security position that is practical, and still have a computing environment that is useful to you.
So this is going to draw some fire I suspect, but maybe start by reading the PCI DSS Data Security Standard [pcisecuritystandards.org] and apply as much as possible of the practical stuff to your environment.
PCI DSS has its issues and its critics and is most definitely not perfect. But it is an attempt by a group comprising all the major credit and debit card brands to define how to secure a computing environment that is connected to the internet and contains sensitive information.
A lot of it won't be relevant to you. But if you're not trying to achieve compliance, you can throw out the bits you don't need.
This is easy. (Score:2)
No physical access to the computer. It's in a locked case. The network is isolated and also locked up; running the network cables inside metal conduit is a plus, and any long runs MUST be fiber optic in armored cable if they exit the secure building or room, and then the data traversing it must be encrypted.
No internet access at all. No local storage at all. All storage is on the server in encrypted volumes. No, you can't print; no, you can't save to a disk or anything but the server.
Final step, do what lockheed d
It's easier than you might think (Score:3)
If this is about a critical, large budget kind of thing, then this is so secure that I dare to claim that it is perfect, even though it theoretically is not.
1. Get some general hardware, supported by Coreboot;
2. Examine the code of Coreboot, then compile with a compiler release that is way older than the hardware;
3. Examine a microkernel codebase, newer than the hardware, then only compile what you need, simply because unneeded codepaths that are connected to other code can lead to a theoretical exploits;
4. Encrypt network communications, then bitflip for corruption, and include random noise (Rubberhose File System style);
5. Run a whitelist network packet checker, like Mandatory Access Control profiling, for communication.
6. Write the application for the functionality of the computing device, compile for another CPU architecture, and emulate on a CPU emulator lib.
Should be good enough, no?
Security is a Process (Score:3, Insightful)
I see that many comments have done a good job pointing out the paranoid mindset of the questions in this post. It's true, if you're absolutely worried about hiding your data from the FBI, CIA, and NSA, you are either doing something so illegal that I don't want to help, or you are delusional and paranoid. However, reading between the lines, I think you've just seen too much FUD about security. If you really just want security that's "good enough" then you can get it by following some of the simple best practices. Here's some things that have been found to help in most environments:
1) Passwords are pretty good. Use a different password (fairly long, somewhat complex [xkcd.com]) on each different site and use a password manager (put that on a non-networked system if you're concerned), instead of trying to memorize dozens of different passwords.
2) Separate important and unimportant systems - if you have an online banking account, don't access it from the same machine you surf the web for "warez" on.
3) Use virtualization technology to "sandbox" dangerous activities. If you're researching viruses or malware, or browsing unusual web sites, do that in a virtual machine with snapshots. Destroy the virtual machine or restore to a "known good" configuration frequently.
4) Turn on firewalls, run anti-virus, and use registry/configuration cleaners frequently. If you're blocking any inbound connections to your network, you're safer. If all files you download are scanned, you're safer. If you regularly scan for known exploits and malware, and remove infections or destroy the system, you're safer.
5) Use encryption for sensitive information. Full disk encryption on your traveling laptop would be a great start. Use disk or file based encryption on sensitive documents, and ALWAYS use SSL when transmitting over open networks (that means ssh instead of telnet, FTPS instead of FTP, etc.). Encrypt backups as well as primary data.
6) Keep your systems reasonably up to date and follow recommendations from your software vendors about best security practices.
I'm sure there are a thousand other tips that would help, but you're not paying me, so this is where I'll stop.
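Tip 1 above (a different, fairly long password for every site, kept in a password manager) is the one that is easiest to check mechanically. The following is an added example, not code from the original post or from any password manager: it audits a constructed site/password inventory for reuse across sites, short entries, and low estimated entropy. The inventory, the thresholds (12 characters, 60 bits) and the site names are assumptions made for the illustration.

```python
"""Audit a site/password inventory for reuse and weak entries (added example)."""
import math
import string
from collections import defaultdict

# Constructed sample inventory: hypothetical sites and passwords, not real credentials.
SAMPLE_INVENTORY = [
    ("bank.example", "correct horse battery staple"),
    ("mail.example", "Tr0ub4dor&3"),
    ("forum.example", "Tr0ub4dor&3"),        # same password as mail.example
    ("shop.example", "password1"),            # short and low entropy
    ("vpn.example", "xQ7#mLp2$vR9!nK4wZ"),    # random, manager-generated style
]

# Assumed policy thresholds for this illustration.
MIN_LENGTH = 12
MIN_BITS = 60.0


def charset_size(pw):
    """Size of the alphabet implied by the character classes present in pw."""
    size = 0
    if any(c.islower() for c in pw):
        size += 26
    if any(c.isupper() for c in pw):
        size += 26
    if any(c.isdigit() for c in pw):
        size += 10
    if any(c in string.punctuation or c == " " for c in pw):
        size += len(string.punctuation) + 1   # 32 punctuation marks plus space
    return size


def estimated_bits(pw):
    """Upper-bound entropy estimate: every character drawn uniformly from the alphabet.

    This overestimates dictionary passphrases (e.g. four common words), so treat the
    figure as a screen for obviously weak entries, not as a guarantee of strength.
    """
    size = charset_size(pw)
    return len(pw) * math.log2(size) if size else 0.0


def audit(inventory):
    """Return {site: [findings]} for every site with at least one problem."""
    findings = defaultdict(list)
    sites_by_password = defaultdict(list)
    for site, pw in inventory:
        sites_by_password[pw].append(site)
        if len(pw) < MIN_LENGTH:
            findings[site].append("too short")
        if estimated_bits(pw) < MIN_BITS:
            findings[site].append("low entropy")
    # Reuse is the finding that matters most: one breached site exposes the others.
    for pw, sites in sites_by_password.items():
        if len(sites) > 1:
            for site in sites:
                others = ", ".join(s for s in sites if s != site)
                findings[site].append("reused on " + others)
    return dict(findings)


if __name__ == "__main__":
    for site, problems in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{site}: {'; '.join(problems)}")
```

Sites with no finding (bank.example, vpn.example) are omitted from the result; a real run would read the inventory from a password manager export rather than the constructed list.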
Take a CISSP to lunch (Score:2)
There's not enough information in the OP's question. Is this a home or business environment? What do you want to protect? What do you perceive as the most likely threats? As to your questions about snoopy corporations and government agencies, do you have a particularized reason to be paranoid about such things, or are you merely a concerned citizen? I would start with NIST Special Publication 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems [nist.gov]. You could also watc
Qubes OS (Score:3)
I can hardly believe that, so far, nobody mentioned Qubes OS. [qubes-os.org]
In the theoretical sense, security is possible. It's just very hard. Especially if you want to spend your time doing something other than building a secure computer system.
In practice, most people live with a reasonable amount of security by installing a reasonable alternate OS such as Debian, not installing unnecessary software such as the Java plugin, and regularly installing security updates.
But if you really want security, what you should be doing is isolating, isolating, isolating. If a program has no business using a resource, then it should not be possible for it to access that resource. Qubes is one attempt to do this while preserving application compatibility, by having applications and services isolated to their own virtual machines. Even the network card drivers are in separate virtual machines.
For maximum security with Qubes, you really need a processor with support for VT-d, such as a selected subset of Nehalem and better processors, [intel.com] but the AppVM security mechanism at least should work.
Ken Thompson's Trusting Trust (Score:2)
http://cm.bell-labs.com/who/ken/trust.html
You must decide what you trust unless you wrote it all yourself and built it yourself. You must also acknowledge that the system is insecure and work backwards from that trying to mitigate any damage and minimize risks.
Re:I Don't Use Computers (Score:4, Funny)
Kudos to you AC! Not many of us have paranormal means of posting to /.!
I lie about everything
On the other hand, perhaps there's another explanation.....
Re:I Don't Use Computers (Score:4, Insightful)
I lie about everything
On the other hand, perhaps there's another explanation.....
That's no explanation, because he'd clearly have to be lying about lying about everything, but that means he's telling the truth, but that means he lies about everything, but that means .... *does not compute* *does not compute* *head explodes*
Re: (Score:2)
Clearly you are no master of fuzzy logic! In this case "I lie about everything" means "everything but lying about everything".
See, it's simple!
Re: (Score:2)
I lie about everything
Infinite loop detected... failure...
Re: (Score:2)
Does lying require falsehood, or merely an intent to deceive?
Re: (Score:2)
>use an entirely separate computer.
No. You don't have to. If you can boot from a USB port or CD/DVD, use a live read-only OS and boot from it.
An example of it is here: http://www.spi.dod.mil/lipose.htm [dod.mil]
You can do the same thing with other live distributions like Knoppix, Trinity, Ubuntu, etc.
--
BMO
Re: (Score:2)
Re: (Score:2)
Then you know what?
Don't use a computer. Ever. If there is no end to what you can trust, not even a computer encased in concrete at the bottom of the Challenger Deep is enough.
Your response is ridiculous.
--
BMO
Re: (Score:2)
No, the notion of "secure" computing is ridiculous. The U.S. DoD is on both the giving and taking end of firmware exploits which made me smirk when you mentioned LPS.
On a side note. Has anyone ever mentioned to you that you come across as having a bit of a belligerent personality?
Re: (Score:2)
"No, the notion of "secure" computing is ridiculous"
Security is a spectrum from "totally promiscuous and do anything to this machine" to "no, you can't even turn it on, and if you do, it will cost you your life" kind of horror-show.
Sane people, when they talk about secure computing, talk about something in the middle. The insane say it's an all or nothing false dichotomy. These are the same people who implement stupid password policies as administrators that ultimately result in the recycling of insecure
Re: (Score:2, Offtopic)
Your trolls are an enormous waste of time, but I still laughed because of your devotion to duty.
Re: (Score:3)
Can anyone recommend a through checklist or suggest best practices?
Step one: Put someone else in charge of security
Step two: Make that someone else liable for security breaches.
Re: (Score:2)
Re: (Score:2)
There's no perfection to be found anywhere, but you can be about 10000X safer on Linux than on Windows
Are you sure it is 10000x and not 100000000x? How does one go about calculating the proper number of zeros?
There's a huge variety of software in the repositories and any malicious software would be quickly removed
It often takes people years, if ever, to find innocent bugs and remove these defects... yet whenever you're faced with an adversary who has intentionally hidden an exploitable defect then of course it will be detected...and quickly, where the innocent bugs have not...yes...sure... of course... this makes perfect sense.
Is this perfect? Of course not
Is this gibberish? Of course it is.
But it's WAY WAY better than the situation on Windows where people install random malware to see "dancing bears"
Are you saying it is not possible for users to install