
How Do YOU Establish a Secure Computing Environment?

Unknown Lamer posted about a year ago | from the can't-root-this dept.

Security 314

sneakyimp writes "We've seen increasingly creative ways for bad guys to compromise your system like infected pen drives, computers preloaded with malware, mobile phone apps with malware, and a $300 app that can sniff out your encryption keys. On top of these obvious risks, there are lingering questions about the integrity of common operating systems and cloud computing services. Do Windows, OSX, and Linux have security holes? Does Windows supply a backdoor for the U.S. or other governments? Should you really trust your Linux multiverse repository? Do Google and Apple data mine your private mobile phone data for private information? Does Ubuntu's sharing of my data with Amazon compromise my privacy? Can the U.S. Government seize your cloud data without a warrant? Can McAfee or Kaspersky really be trusted? Naturally, the question arises of how to establish and maintain an ironclad workstation or laptop for the purpose of handling sensitive information or doing security research. DARPA has approached the problem by awarding a $21.4M contract to Invincea to create a secure version of Android. What should we do if we don't have $21.4M USD? Is it safe to buy a PC from any manufacturer? Is it even safe to buy individual computer components and assemble one's own machine? Or might the motherboard firmware be compromised? What steps can one take to ensure a truly secure computing environment? Is this even possible? Can anyone recommend a thorough checklist or suggest best practices?"



Simples! (5, Interesting)

realitycheckplease (2487810) | about a year ago | (#42396227)

If you want a secure computing environment, don't connect your computer to anything! Also keep it in a faraday cage, and make sure the power supply lines are filtered so they can't carry signals out through the cage.

Optical TEMPEST (2)

cpghost (719344) | about a year ago | (#42396275)

A faraday cage is not enough. Make sure no optical signals [rootsecure.net] can get out of the room.

Block optical signals with hostfile (-1, Offtopic)

Anonymous Coward | about a year ago | (#42396493)

There is no shame in using a hosts file to block optical signals. I have a foolproof list that blows away troll arguments that say otherwise.

P.S.=> There's other methods also, via native to OS tools for network-wide propagation of fresh clean updated hosts files that program yields IF you only installed it on a "central server" for clean hosts for all nodes/workstations/servers:

I.E.-> Centrally managed hosts files? Easy as pie via logons scripts, or parse of autoexec in Windows @ bootup via GPEdit & group policies company-wide!


Using taskscheduler on each workstation/server node periodically

P.P.S.=> Of course, your HOSTS file will need to have the domain/hosts name of the C&C servers, & that you have to obtain for this to work vs. threats like bogus servers &/or maliciously scripted sites. Here are some good sources for that above & beyond mvps.org (I noted them above):

http://www.safer-networking.org/en/download/ (updater for Spybot "Search & Destroy" & it fortifies HOSTS files)

Those are some of my regular sources that are reputable & reliable for custom HOSTS file data populations vs. known threats online - I consolidate them here via programs I wrote that normalize/deduplicate repeated entries, sort/alphabetize the results, & change from larger + slower (longer & loopback ops happen here) to the faster & smaller (or even 0 on Windows 2000/XP/Server 2003): Enjoy! ... apk

P.P.P.P.S.=> There you go... it all works, GUI easily from my app, all the way out to any endpoint PC/Server on a LAN/WAN even... often as you like & CLEAN/FRESH too!

P.P.P.P.P.S=> It's good "layered-security"/"defense-in-depth" & does things AdBlock, DNS, & even firewalls can't (like speed up access to fav. sites + make them reliable in the event of DNS poisoning redirects or being "downed" even...) & gets P.P.P.P.P.P.S.=> back SPEED/BANDWIDTH users pay for out of pocket along with their POWER BILL too...

P.P.P.P.P.P.P.S.=> I skipped P.P.P.S=>
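As an added illustration of the normalize/deduplicate/sort step this post describes (example code written for this page, not APK's program), the Python below merges several HOSTS-format blocklists into one clean file. The two source texts are constructed samples, and the code assumes the "larger + slower" loopback form being replaced is 127.0.0.1 and the "faster & smaller" target is 0.0.0.0.

```python
import re

# Constructed sample data standing in for two downloaded blocklist files
# (hypothetical names; not real blocklist content).
SOURCE_A = """\
# Source A (constructed sample)
127.0.0.1 localhost
127.0.0.1 ads.example.com
127.0.0.1    Tracker.Example.NET   # mixed case, trailing comment
0.0.0.0 cnc.example.org
"""

SOURCE_B = """\
# Source B (constructed sample)
0.0.0.0 ads.example.com            # duplicate of an entry in source A
0.0.0.0 malware.example.org
127.0.0.1 bad_host!.example        # not a valid hostname, must be dropped
::1 localhost
"""

# Assumption: the "larger + slower" form is the 127.0.0.1 loopback entry
# and the "faster & smaller" one is 0.0.0.0; both are accepted on input.
BLOCK_ADDRS = {"127.0.0.1", "0.0.0.0"}
SINKHOLE = "0.0.0.0"
# Names that belong to the local machine, never to a blocklist.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost", "local"}
# RFC 1123 style check: labels of letters, digits and hyphens, no leading or
# trailing hyphen, labels up to 63 chars, whole name up to 253 chars.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
    r"(?:\.[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)*$"
)


def parse_hosts(text):
    """Yield (address, hostname) pairs from HOSTS-format text.

    Comments are stripped, blank lines skipped, and a line naming several
    hosts after one address yields one pair per host, lower-cased.
    """
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        fields = line.split()
        if len(fields) < 2:
            continue
        addr, names = fields[0], fields[1:]
        for name in names:
            yield addr, name.lower()


def consolidate(sources, sinkhole=SINKHOLE):
    """Merge several blocklist texts into sorted, deduplicated sinkhole entries.

    Only entries that already point at a blocking address are merged; local
    machine names and syntactically invalid hostnames are dropped.
    """
    names = set()
    for text in sources:
        for addr, name in parse_hosts(text):
            if addr not in BLOCK_ADDRS:
                continue
            if name in LOCAL_NAMES or not HOSTNAME_RE.match(name):
                continue
            names.add(name)
    return [f"{sinkhole} {name}" for name in sorted(names)]


def render_hosts(entries):
    """Produce hosts-file text: the local entries first, then the blocklist."""
    local = ["127.0.0.1 localhost", "::1 localhost"]
    return "\n".join(local + ["# consolidated blocklist"] + entries) + "\n"


if __name__ == "__main__":
    print(render_hosts(consolidate([SOURCE_A, SOURCE_B])))
```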

Re:Block optical signals with hostfile (-1)

Anonymous Coward | about a year ago | (#42396557)

Although the trolls try to bury it and hide it, APK has already shown how to make a computer secure against attacks here [slashdot.org]. Apparently the penguin zealots don't want people to know how Windows can be made secure and works better than Linux, so instead they take out their geek angst on people like APK who just want to inform people with facts.

Re:Block optical signals with hostfile (1)

AK Marc (707885) | about a year ago | (#42396821)

That's a silly post. Syn attacks aren't about "security" they are about usability (except for the edge cases where you can syn-flood a computer into a vulnerable state). Security is about data loss or exposure, and a syn flood makes your computer *more* secure. If it's down, you can't lose anything. But nobody can use it, either.

Re:Simples! (3)

Bryan Bytehead (9631) | about a year ago | (#42396329)

No, to be truly secure, you put it in a room with no windows, make sure the computer is unplugged, lock the door with a lock that has no key, and you're done.

This sounds harsh, but when you consider that the biggest problem of securing computers is the user that uses it, accidentally or purposely, just say no to the user.

Re:Simples! (5, Funny)

v1 (525388) | about a year ago | (#42396409)

> No, to be truly secure, you put it in a room with no windows,

It's well-known that removing Windows makes your computer more secure.

Re:Simples! (1)

jc42 (318812) | about a year ago | (#42396727)

> It's well-known that removing Windows makes your computer more secure.

And if you don't replace it with any other OS, you've pretty much maximized your security.

Re:Simples! (0)

Anonymous Coward | about a year ago | (#42396559)

I'd argue for burying it under at least sixty feet of cement, as well.

But it's still not perfect...

Seriously, this is a good idea for secure ops (1)

davidwr (791652) | about a year ago | (#42396773)

Have a "secure ops" room with a computer that is run off of stock "dumb" batteries delivering the normal voltages delivered by a power supply. Your normal laptop's battery is too smart for the job.

Make sure the room is EMF-proof when the door is shut and locked from the inside. Yes, that includes visible light, so you'll need a battery-operated light source.

Make sure the only input is the keyboard and mouse or equivalent. Make sure the only output is the screen and optionally a printer or equivalent write-only device. Make sure the storage is not only sealed inside the computer but that its contents can be destroyed at the touch of a button AND that the contents self-destruct if the door to the room opens while the computer is powered on. Make sure there is a strong power-on password or other authentication mechanism and that the data storage self-destructs after only a few failed attempts to gain access.

Oh, finally:

Make sure your computer has a "trusted bootloader" that only runs "trusted applications" and that nothing is installed on it that is not needed. Lock down the entire system so seemingly-non-malicious mistakes don't compromise the computer itself in a way that isn't immediately obvious. For example, it's okay if a malicious insider's buggy formula in a spreadsheet gives a mathematically incorrect answer, but it's not okay if that causes the spreadsheet to create a file that grows big enough to trigger a bug in the filesystem that disables the "trusted bootloader" mechanism so the next time the machine boots, someone can run a script that creates an EXE file that logs all future keystrokes for the malicious insider to view and memorize later. Of course, any computer you put in this room will have to be designed and built by someone you trust, using parts designed and built by someone you trust, etc. Alternatively, the computer can be simple enough that you can mathematically prove it is trustworthy.

Re:Simples! (3, Insightful)

AK Marc (707885) | about a year ago | (#42396803)

Secure is powered off and disconnected from any cables, power, network, or otherwise. Security isn't possible. You always trade off security for usability. The question is rhetorical nonsense unless you also answer the question of "what level of usability do you want - what are you going to do with it?"

Re:Simples! (1)

Razgorov Prikazka (1699498) | about a year ago | (#42396891)

>> If you want a secure computing environment, don't connect your computer to anything!
>> Also keep it in a faraday cage

Put that in a lead (at least 1" thick) box, and fill that with epoxy resin or concrete, remove M$ and replace with OpenBSD, have the disk 265bits AES encrypted with the separate home folders encrypted as well. Make sure that there is a BIOS password, get REALLY drunk and change all the passwords so you can't remember them the next day, ship it to Mercury and bury it there ten feet deep.
Not great for doing some facebookin', but it is SAFE!

No input, no net connection. (2)

Kenja (541830) | about a year ago | (#42396229)

That's what I did last time I needed a super secure environment. Local network only, KVM extension to put the user interface far away from the locked up computer. Granted that's not what the article is looking for, but that was the best solution I could find at the time.

crazy (-1)

Anonymous Coward | about a year ago | (#42396235)

Don't connect to the internet.

I Don't Use Computers (0, Insightful)

Anonymous Coward | about a year ago | (#42396251)

I'm very secure because I don't use any computing devices, I live off the grid, I lie about everything and use an assumed name. If it wasn't for all that effort on my part everyone would know everything about me and post it on MyBook or FaceSpace, or whatever the new one is this week.

Re:I Don't Use Computers (3, Funny)

Glock27 (446276) | about a year ago | (#42396455)

Kudos to you AC! Not many of us have paranormal means of posting to /.!

> I lie about everything

On the other hand, perhaps there's another explanation.....

Easy! (0)

Anonymous Coward | about a year ago | (#42396253)

Seal the computer in a block of concrete and place it at the bottom of the ocean.

erroneus (253617) FatASS needs PIZZA (-1)

Anonymous Coward | about a year ago | (#42396255)

"Oh... to eat pizza again..." by erroneus (253617) on Saturday December 22, @05:20PM (#42371769) from http://slashdot.org/comments.pl?sid=3335159&cid=42371769 [slashdot.org] since that disgusting fatbody pig is a waste of life obese swine with no dick!

Re:erroneus (253617) FatASS needs PIZZA (-1)

Anonymous Coward | about a year ago | (#42396357)

Peter, my love, come back to bed !

Your Precious,


ps: by everything that is sacred, I swear the captcha was "incest" ...

Re:erroneus (253617) FatASS needs PIZZA (-1)

Anonymous Coward | about a year ago | (#42396425)

Hey APK, maybe this would be the perfect time to talk about host masks, but instead you seem preoccupied fighting the "trolls."

Re:erroneus (253617) FatASS needs PIZZA (-1)

Anonymous Coward | about a year ago | (#42396495)

Erroneus: Is that fucking PIZZA? I SMELL PIZZA!

Wife: No Dear, that's not for us, it's being delivered to next door

Erroneus: *grabs familiy cat* I'm going to bite this fucker's head off unless I get some pizza..don't test me, bitch, I'll FUCKING DO IT!

Kid: No, dad, no!

Wife: You need help! Please go get help, dear...911? Yeah, my husband is...

Erroneus: *Crunch!* *Snap!* Look what you made me do! LOOK! *tosses bloody body of cat, still squirting blood, and its decapitated head on the floor.*

Kid: Waaaaaah! Mommy, make it stop!

*Ka-chung...stomp stomp stomp*

Erroneus: Give me that fucking pizza, Steve.

Neighbor: No, it's mine.
Erroneus: I'll suck your dick! Please, please, please let me have some! Just a slice!

Neighbor: Okay, but it'll cost you...

* Unzipping his fly in broad daylight, on his doorstep, the neighbor takes out his penis. Erroneus slowly drops to his knees, moving his fat hands down the body of his neighbor, stopping to caress the pizza box, before he is kneeling on the ground with his head at approximately perfect height. He immediately inhales all of his neighbor in, then pulls his head outward and applies vaccuum suction to the tip of his neighbor's swollen, throbbing penis, tonguing the frenulum, an audible "POP" when he pulls off. A woman walking her dog down the sidewalk glances over and walks quickly away, horrified. Finally, ejaculation - The neighbor bellowed oudly just as loudly as the Cyclops did when juice was gushing out of his one eye, and that analogy in his head was totally relevant because the Greeks were homosexual. VERY homosexual. The disgusting pecker-snot dribbling down the chin and all over Erroneus's shirt. The strong scent of Chlorine and a Meat Lover's Deep Dish pizza in the air. Erroneus' neighbor hid himself to a degree acceptable for public appearance, and pulled a medium-sized slice from the pizza box in a dignified manner, like an old movie star reaching for his cigarette lighter.

The cat was dead. The wife and kid were scarred for life...but none mattered now, for the sweet, sweet pizza was in hand. Erroneus relished every bite.

Make it yourself (5, Funny)

solidraven (1633185) | about a year ago | (#42396259)

Get the necessary equipment and make your own CPU. Also make the lithography masks yourself to ensure your paranoia score reaches a maximum level! Next proceed to make your own motherboard (making all the components yourself as mentioned earlier). Also you'll have to create your own CRT monitor (imagine if they intercepted the signals between the graphics card and the monitor!!!). And you might want to sit in a faraday cage made out of mu metal with your own personal lemon battery based power supply.

Re:Make it yourself (1)

Anonymous Coward | about a year ago | (#42396585)

There's no need to go this far to avoid virus attacks --- just devise a means of randomizing certain aspects of a system through software, such as (very lightly) encrypting Windows API calls (and the implicit links to them in all binaries). Or a CPU could be made that assumes all data it loads from RAM is lightly encrypted (added to a 32-bit key for example) and therefore decrypts all data it loads, consequently scrambling any malicious code. Attackers would have no way of writing a virus which could spread, although they might get to single systems now and then.

Ninjas (3, Funny)

davidwr (791652) | about a year ago | (#42396307)

Nobody but me gets to my abacus!

Re:Ninjas (0)

Anonymous Coward | about a year ago | (#42396521)

I hang up the "Do Not Disturb" sign and lock the door. Have you ever tried watching porn on an abacus? Even rotated 90 degrees it still leaves a lot to the imagination.

Re:Ninjas (2)

pakar (813627) | about a year ago | (#42396759)

You have to check out those full-HD abacus'es now... 1920x1080 makes them real nice for working with really big numbers... :)

Easy... (2)

erp_consultant (2614861) | about a year ago | (#42396311)

I've got a VM that I run on Windows 2000. That OS is no longer patched by Microsoft so I don't want to expose it to the internet. I turned off all the networking protocols and shut off all the services that have to do with I/O. If I open a browser the only site it will connect to is a server I have running inside the VM, which requires a password. I turned off the network shares so there's no chance of getting an infected file from the host machine. The only way to write a file to it is via a USB drive and I scan those before I connect it.

The OS runs great and, with all those unnecessary services turned off, quickly as well.

Weigh your options (4, Insightful)

Sparticus789 (2625955) | about a year ago | (#42396313)

You have to achieve a personal balance between functionality and security. Security and functionality are inversely proportional. For the average user, having a login password will be enough. If you are storing private data, like tax returns and financial documents, encryption is a good idea. A Truecrypt container with a strong password (16+ characters, upper and lower case letters, numbers, and symbols) will suffice.

If you are of the moderately paranoid group (like me), then FDE, private browsing, and a SSD with TRIM capable motherboard/OS will be enough. If you believe the NSA is watching you, then try taking your meds and refer to the moderately paranoid measures.

Re:Weigh your options (-1)

Anonymous Coward | about a year ago | (#42397031)

Plus, when choosing security, you need to be sure WHO is benefiting from the security.

The solutions offered by the IT industry are mostly meant to be secure AGAINST you rather than FOR you.

They are designed as security for the IT vendor, not for the owner.

"Secure enough" is "good enough" (3, Insightful)

davidwr (791652) | about a year ago | (#42396317)

The Ninja post was a joke with a point: It's practically impossible to do "secure computing" unless you are an island unto yourself.

The better question is:
What level of security is "cost effective" for you?

I'll give my answer as a reply.

My answer Re:"Secure enough" is "good enough" (5, Insightful)

davidwr (791652) | about a year ago | (#42396607)

This is about my personal computing, but I would apply the same general principles to other non-critical environments.

What's the worst thing that could happen to my computers? Someone sneaks into my home and installs a hidden camera to catch everything that's on the screen and all keyboard input, AND they somehow install something to log all network traffic and become the man in the middle when they want to.

How likely is this? Unless the feds confuse me with a terrorist and do this with a warrant, it's exceedingly unlikely.

What are some other "high-loss" risks?
* Virus that encrypts my computer and holds it ho$tage
* Virus installs a keylogger that captures an email login, banking credentials, etc. and uses them to impersonate me in a very bad way. "Hi, this is your bank. Your wire transfer to OFFSHOREBANK was processed this morning. This is just a call to remind you of a low-balance fee if sufficient funds are not deposited by the end of the day. Thank you."
* Fire or other calamity that physically destroys my computers, and things a lot more important than my computers.

So here's the big question:

What are the security vulnerabilities I can mitigate cheaper than the "cost" of just not having a network-attached computer at all?

* Fire/theft/physical loss. Mitigated/prevented by backups, casualty insurance, fire extinguishers, etc.
* Theft: Good encryption and good passwords. Pray the thief or his buyer isn't a forensics expert.
* Malware. Mitigated/prevented by backups, low-cost ("$50+tax with $50 mail-in rebate!") security software, "safe-surfing" habits (script-blocking, etc.), 2-way firewalls on the computer and network gateway/router, etc.
* Legal government intrusion: Mitigated/prevented by living in a relatively free country. Cannot be eliminated.
* Illegal/rogue government or ISP intrusion: Mitigated/prevented by living in a relatively free country that can and sometimes will throw individuals responsible in jail. Work on the assumption that this cannot be eliminated.
* WiFi intrusion on my home net: Mitigated by strong encryption and a good pass-phrase and a WiFi Router vendor that I trust.
* WiFi spoofing: Unknown risk. Other than keeping the password secure and avoiding algorithms that are known to be vulnerable, I don't attempt to mitigate or prevent this.
* Public WiFi hotspots: Compute with care, avoid using them unless absolutely necessary. Prefer my cell phone's "G3/G4" instead of an unsecure or secure-but-untrusted hotspot.
* WiFi- and Bluetooth-based attacks: Turn off WiFi when not in use. Don't allow connections in or out without my permission.
* Backup failure: Test backups. Have multiple backups in multiple formats from multiple points in time.
* File format obsolescence: Have really important stuff in formats that will likely outlive the usefulness of the data. .TXT, TAB- and comma-delimited simple spreadsheets, .GIF and .JPEG images, and some versions of PostScript and PDF files are among the many formats that will likely be easily readable 10 or 20 years from now assuming the media is still readable or that the file has been copied to new media before it became unreadable. Human-readable paper printouts, photographic slides, and photographic negatives are also pretty much immune from becoming technologically obsolete in my lifetime, but they require large amounts of space and a certain amount of care. Paper and especially film also decay over a 10-100 year time frame.

Bottom line:
* If I lose everything I have on my computer, it won't drive me to suicide.
* The very important stuff is backed up in multiple places including offsite and in multiple formats.
* The medium-important stuff is backed up.
* If I can prevent a large amount of likely damage at a low cost, I'll do it.
* If I can't afford to lose it, I can't afford to NOT insure against loss.

"security" (3, Interesting)

eexaa (1252378) | about a year ago | (#42396325)

The term "secure" here is used in a bit misleading manner, there's nothing that could possibly be absolutely "secure" in this world, ever.

We should always ask only what amount of security the environment provides. In terms of money.

Re:"security" (1)

Plekto (1018050) | about a year ago | (#42397053)

True, but I think the OP was talking about something that was connected to the outside world/internet.

The truth, though, is that nothing connected to the outside world will ever be secure. At best you minimize your damage. But you can absolutely ensure that users don't do as many stupid things. For instance, you can disable the USB ports and remove the CD and floppy drive from your machines. Then just run them as terminals. No issues with flash drives or CDs. Then you can of course nuke all internet browsing.

The solution that my last employer provided was an open wi-fi connection for everyone to share that was for phones and such only and 100% not connected in any way (separate ISP and hard line even) to the main server. They could do all of their idiocy on that connection and sure, it was slow and sucked, but there was no way into the servers. Only the IT department's machine had outside access. Not perfect, but far better than letting every employee use the same system.

Computer Security Rules (1)

yenrabbit (2746763) | about a year ago | (#42396347)

To ensure you have a secure computing environment: 1) Don't buy a computer and 2) Don't turn it on - the first line of pretty much every book on information security...

linux (5, Informative)

blackC0pter (1013737) | about a year ago | (#42396379)

I actually run Linux on the desktop to help stay secure and don't pirate software. Add some ufw firewall rules and a router based firewall and you can survive most non-local (in the room) attacks.

Re:linux (-1, Offtopic)

ArchieBunker (132337) | about a year ago | (#42396637)

Oh right linux makes you immune from things like buffer overflows or user assisted attacks.

Re:linux (4, Insightful)

jc42 (318812) | about a year ago | (#42396943)

> Oh right linux makes you immune from things like buffer overflows or user assisted attacks.

Nice strawman there. ;-) Of course it doesn't. But its open-source nature greatly increases the chances that 1) backdoors will be discovered by interested geeks and removed, and 2) people other than employees of the vendor will be able to fix problems quickly.

I ran across a case of this a while back, when I got a message from one of djb's team telling me how to exploit a security hole in a program used by one of my web sites. I tried it, the exploit succeeded. I opened up the code, found the problem (and a couple more related to it), fixed them, verified that the exploit no longer worked, and sent a letter thanking the guy for the info.

With closed-source software, I couldn't have done any of this. I'd have had to report it to the code's owners, and try to talk them into fixing it. If they decided to fix it (which isn't guaranteed), it would typically take months, during which time my site would have been vulnerable.

I also sent a description of the exploit, along with my patches, back to the code's author, who sent me a letter of thanks, and a day later I saw the message he'd sent to all his known users announcing the "security upgrade" that fixed the problem. The total time for this was under 3 days, which is orders of magnitude faster than most security fixes from commercial closed-source vendors.

Yeah, unix/linux and other open-source systems are vulnerable. But they're so much better at fixing problems that you'd have to be rather gullible to depend on software that doesn't supply this sort of response capability.

(And yes, I understand that most of the buying public is rather gullible. The commercial world depends on that, y'know. I also understand the argument that most people wouldn't know what to do with source code, but I consider this argument bogus. It means that you deny access to people like me, who are able to understand the code and fix it. I've done this many times during my career. You should be encouraging people like me, by making sure we can get at the code to your software. ;-)

Re:linux (4, Interesting)

Psicopatico (1005433) | about a year ago | (#42396879)

My experience as well.
So far, in the last 8 years it gave me excellent results.

We all know 99%+ of the generic malware out there is crafted to break into Windows setups.
The amount is so vast that it's only a matter of time; you *will* be hit.
But once you take the target out of the equation, the rest is much, much easier to manage.

Once I realized this, I stopped recommending Linux to random folks: the more people keep using Windows, the more *I* am secure.
And, at the end of the day, this is the only thing that matters to me.

the linux repositories are pretty good (0)

Anonymous Coward | about a year ago | (#42396407)

There's no perfection to be found anywhere, but you can be about 10000X safer on Linux than on Windows. There's a huge variety of software in the repositories and any malicious software would be quickly removed. Is this perfect? Of course not. But it's WAY WAY better than the situation on Windows where people install random malware to see "dancing bears" or whatever that their friends send to them and get infected, or where Windows will auto-run executables just because you put a USB key into your system. Seriously microsoft, WTF?

So, set up a Linux machine, don't run javascript from web sites unless it's a well known trusted site like your bank, only use software from the repos, and you'll be secure for most practical purposes as a "normal person" who isn't the target of the KGB or something.

Captcha: mitigate!

Critical Security Steps (2)

Synerg1y (2169962) | about a year ago | (#42396415)

1. Write your own OS, that way the government can't backdoor your OS's manufacturer without prior knowledge.
2. At a minimum flash your motherboard's firmware to something trusted or written yourself
3. Write your own anti-virus
4. Run ethernet wire to trusted locations (make sure it's outdoor grade wire)
5. Install security cameras at trusted locations and filter everything from them via DPI.
6. Surf mass pron off a random trusted location.

Re:Critical Security Steps (1)

mrmeval (662166) | about a year ago | (#42396693)

You should write the OS and firmware in such a way as to mitigate the need for an anti-virus. I'd suggest you use commodity FPGA solutions and load up a system on chip coupled with external DDR3 ram and external GPU for heavy lifting. There's an open hardware solution if you can trust the chip makers. Your OS should run on those fine.

Blocking ingress by anything that can carry a viral payload.

Tempest is your friend, learn it; nothing goes in or out without encryption, shield it all.

You can no longer use google for porn that might offend someone somewhere, feel the pain of having to use Bing's superior porn search.

Re:Critical Security Steps (0)

Anonymous Coward | about a year ago | (#42396769)

1 through 5 was easy enough. But do we really have to do number 6 ?

Safe Computing.... (1)

Anonymous Coward | about a year ago | (#42396423)

...involves condoms on the cables.

There is no security against paranoia (5, Insightful)

Peter (Professor) Fo (956906) | about a year ago | (#42396429)

1. What are the threats?
2. Why do you care?
3. Expose as little as possible 'publicly', with as few people even knowing you have diamonds in your safe.
4. Have 'CCTV' so you can detect intrusions (and possibly a honeytrap).
5. Assume anyone with $$$ to spend technically will first spend $ on more basic intelligence.
6. [This list goes on and on]

Woah... sit down dude. (1)

Anonymous Coward | about a year ago | (#42396451)

Breathe into this paper bag. If you still feel dizzy, lie down..

lock it down, scan everything (1)

alen (225700) | about a year ago | (#42396467)

Lock all your computers down. Physically check them before they connect to the network. Install DLP and other software to disable all ports. Kill any unused port on your switches. Allow only approved TCP ports in and out of your network. Scan everything with application layer appliances and switches.

Write your own code, compiler, and firmware (0)

Anonymous Coward | about a year ago | (#42396483)

do all that, too. secure. herp

How to be secure (0)

Anonymous Coward | about a year ago | (#42396509)

Don't reply to a slashdot article asking about how you keep your stuff secure in any way that would allow others to think like you?

At some point there is no escape of trust (3, Insightful)

ZorroXXX (610877) | about a year ago | (#42396527)

There is no way you can avoid putting trust on something outside your own control, be it the C compiler [bell-labs.com], firmware on the motherboard or the CPU itself. So what you really are asking is "where should I put my trust level". That depends extremely from person to person and is next to impossible to answer, almost like asking "what car should I buy". You cannot expect good answers to what you ask without providing good indicators about what threats you consider important. However, the slashdot crowd usually does not pay any attention to the original question in any case, so maybe it is not that important :)

Re:At some point there is no escape of trust (0)

Anonymous Coward | about a year ago | (#42396881)

> You cannot expect good answers to what you ask without providing good indicators about what threats you consider important.

Happily, once he knows enough to know what threats are important, he'll know enough about security that he doesn't need to ask /. ...

Our setup. (0)

Anonymous Coward | about a year ago | (#42396531)

Our Computer Assisted Dispatch (CAD) computers are incapable of accessing the Internet. They go through a hardware Cisco ASA to reach the state, and that's the extent of Interneting allowed.

Qubes OS (0)

Anonymous Coward | about a year ago | (#42396547)

A new Linux distribution, Qubes OS takes isolation to the extreme. Even device drivers are put in virtual machines.

Mind the mine (1)

sdinfoserv (1793266) | about a year ago | (#42396555)

"Do Google and Apple data mine your private mobile phone data for private information?"
Really? You ask that question? Eric Schmidt stated a couple years ago that "Google isn't free- the cost is your information".

Even the US Govt considers your data no longer yours once it leaves your possession. Meaning, no search warrants are required for cloud based data. It's like taking garbage to the curb, it's a free for all.

Not only is your data not secure in the cloud, it's a much more attractive target. Little me, "joe smith" is not a target at home, nobody gives a rat's rump about me... but Google or yahoo or hotmail... that's an exciting target for hackers. If your data is there, you are now attractive via proxy. They get hacked, your data is compromised.

The problem is, laws haven't in any way kept up with technology. Unfortunately, mega global corporations now generate huge revenue off this broken model. Thus, in the US anyway, it's now impossible to fix. It takes money to run for office, companies have money, therefore most elected officials are puppets of the corporate world. That's just fact in the US. Laws are not to protect people anymore, just to protect revenue.

What, me worry? (0)

Anonymous Coward | about a year ago | (#42396563)

I've got a CISSP certification, and I think that other than learning about all the latest vulnerabilities and watching the feeds, there is almost no way to be sure of what is secure today. You usually learn about exploits when everyone else does too, so unless you're living in the zero-day world, you will always be just a step behind the big attack. The more data you put into a computer, the more you're susceptible. Try camping, that works for me.

Can't answer that without a threat model. (2)

John Hasler (414242) | about a year ago | (#42396569)

My "computing environment" is quite adequately secure against my threat model which is limited to criminals who might want my secret banking information. Yours might include the NSA or even Bruce Schneier.

Move to a Democratic country (1, Offtopic)

onebeaumond (1230624) | about a year ago | (#42396613)

and work to keep it that way. Security is a political state, according to most experts (Schneier et al). And yes, "reducing the size of government" in a democracy means reducing that democracy.

DARPA...way better than the govt...oh wait (0)

Anonymous Coward | about a year ago | (#42396617)

yeah those are the guys to trust...DARPA. Nothing suspicious about that government agency.

Answers and better questions (1)

Anonymous Coward | about a year ago | (#42396621)

"Do Windows, OSX, and Linux have security holes?" Of course they do. A better question is, "Are they likely to have security holes that are known only to malicious actors that remain secret over time?" The usual answer for Linux is "NO WAY READ THE SOURCE!!!@!" In practice, not many people are qualified to review source for bugs, although backdoors inserted into widely reviewed and read code are likely to be detected before backdoors inserted into a code base with few people looking at it. As for backdoors in common OSes in general, the best answer is "probably not." Even without direct access to the source code, behavioral analysis of network traffic should show something's odd. Besides, large conspiracies are hard to keep secret. On the flip side, if your adversary really is the U.S. government or a similarly funded and capable entity, OS security holes in common OSes are the least of your concerns.

"Does Windows supply a backdoor for the U.S. or other governments?" I'm guessing you mean the NSAKEY [wikipedia.org]. Again, network behavioral analysis is your friend in detecting this. A better question is, "Does Microsoft provide a backdoor for themselves?"

"Should you really trust your Linux multiverse repository?" Maybe. A detailed explanation of what happened with the kernel.org compromise a while back was never forthcoming, at least not to the extent that FreeBSD has been with their own recent compromise. A better question is, "Do my adversaries have positive control over [insert resource here] in a way that is undetectable to me and others of [resource] over a sufficient time period to adversely affect my security?"

"Do Google and Apple data mine your private mobile phone data for private information?" Probably. What's "private information" in the context of your user agreement with them for use of their products? Unless expressly forbidden by law or contract (and sometimes not even then), you can expect a company to do what's best for itself. If that happens to also benefit you, great. If not, too bad. Better question: "Does [device] purchased from [company] have the obvious capability of making my data available to [company] should they have an interest in it?" Follow on: "Is it in [company]'s interest to protect my data? If not, is there a way I can make it so, or limit the access [company] has to my data?"

Does Ubuntu's sharing of my data with Amazon compromise my privacy? Maybe. See that part above about contracts, law, and corporate motivation.

"Can the U.S. Government seize your cloud data without a warrant?" In some cases, yes. I'm not completely current on court cases, but I think e-mail left on a service provider's system for >= 6 months can be read without a warrant. I think there's also some provision for mail that's been "opened," too. There have been numerous reports, however, that service providers have provided information to the government upon request, without requiring a warrant. I personally think the telecom industry is all too cozy with the government, and think the telecom immunity bill Congress passed is evidence of that. There are also some interesting correlations, e.g., Qwest was the only large telecom to NOT cooperate with the warrantless wiretaps, and their CEO was convicted of fraud. Better question: "Do I have data sitting around on a system over which I do not have positive control which I should've stored locally or deleted because it was no longer relevant?" Current law is much more protective of personally owned things (where the law agrees that a normal person would have some expectation of privacy) than it does of cloud services (where you have deliberately handed your data over to a third party, thus weakening the expectation of privacy that the law assumes a normal person would have).

"Can McAfee or Kaspersky really be trusted?" Assuming you don't mean John McAfee or Eugene Kaspersky personally, they can if being trustworthy is in their corporate interests.

What I find interesting is that your adversaries seem to be very U.S.-centric. Certainly there are other governments, such as the one running that country whose name is five characters long and starts with a "C"[*], of whom someone should be wary. There's also the question of your questions. By asking these sorts of questions, you single yourself out as someone with a possible interest in the surveillance capabilities of nation-states. That in itself makes you more interesting (albeit slightly) than the average Walmart customer.

The sad truth is that you will likely lose (and Pyrrhic victory counts as a loss) any contest you enter against a large, well-funded organization that happens to control the writing, enforcement, and interpretation of law. Such entities can usually out-spend and out-wait you, should they choose to do so.

As for how I establish a secure computing environment, I:

  • take stock of realistic threats
  • develop countermeasures to those threats
  • practice good data hygiene by purging data I no longer need
  • try not to look like a nail in need of hammering
  • look for things that shouldn't be there, and identify things never before seen in my logs or on my networks

I'm also paid for my paranoia, not medicated for it.
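The last bullet above, identifying things never before seen in your logs or on your network, as an added example that is not the commenter's code: a baseline of facts (SSH auth method and source per user, outbound destinations) is built from known-good lines, and later lines are flagged only when they contain a fact absent from that baseline. The log format and all lines are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed sample log lines (not real logs): a known-good baseline
# period, and a later day to compare against it.
BASELINE_LOGS = [
    "2012-12-10T08:01:02 host1 sshd: Accepted publickey for alice from 10.0.0.5",
    "2012-12-10T08:05:10 host1 conn: alice -> mail.example.org:993",
    "2012-12-11T09:00:00 host1 sshd: Accepted publickey for bob from 10.0.0.6",
    "2012-12-11T09:02:11 host1 conn: bob -> repo.example.org:443",
    "2012-12-12T10:00:00 host1 conn: alice -> repo.example.org:443",
]
NEW_LOGS = [
    "2012-12-20T08:00:00 host1 sshd: Accepted publickey for alice from 10.0.0.5",
    "2012-12-20T02:13:44 host1 sshd: Accepted password for alice from 203.0.113.9",
    "2012-12-20T02:14:01 host1 conn: alice -> 198.51.100.23:8443",
    "2012-12-20T10:00:00 host1 conn: bob -> repo.example.org:443",
]

# Patterns for the two constructed record types we baseline.
SSH_RE = re.compile(r"sshd: Accepted (\w+) for (\w+) from (\S+)")
CONN_RE = re.compile(r"conn: (\w+) -> (\S+)")


def extract_facts(line):
    """Turn one log line into (category, value) facts worth baselining."""
    facts = []
    m = SSH_RE.search(line)
    if m:
        method, user, src = m.groups()
        facts.append(("ssh_auth_method", f"{user}:{method}"))  # per-user method
        facts.append(("ssh_source", f"{user}:{src}"))          # per-user origin
    m = CONN_RE.search(line)
    if m:
        _user, dest = m.groups()
        facts.append(("outbound_dest", dest))                  # host:port seen
    return facts


def build_baseline(lines):
    """Collect every fact seen during the known-good period."""
    baseline = defaultdict(set)
    for line in lines:
        for cat, val in extract_facts(line):
            baseline[cat].add(val)
    return baseline


def find_novel(lines, baseline):
    """Return (line, category, value) for each fact absent from the baseline.

    Lines whose facts were all seen before are silently accepted; only the
    never-before-seen items are surfaced for a human to look at.
    """
    novel = []
    for line in lines:
        for cat, val in extract_facts(line):
            if val not in baseline[cat]:
                novel.append((line, cat, val))
    return novel


if __name__ == "__main__":
    for line, cat, val in find_novel(NEW_LOGS, build_baseline(BASELINE_LOGS)):
        print(f"NEW {cat}={val}: {line}")
```

With the constructed data, the 02:13 password login from an unseen address and the following connection to an unseen destination are flagged; the routine publickey logins and the known repository destination are not.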

Old Questions.... off my lawn! (1)

TheCarp (96830) | about a year ago | (#42396631)

What this gets down to (it even starts heading down that path right in the question) was covered by Ken Thompson in the classic paper "Reflections on Trusting Trust": http://cm.bell-labs.com/who/ken/trust.html [bell-labs.com]

There are some good questions in there, but the rathole it's starting to go down is not helpful. You need to look at what secure means to you first. What are the use cases for the environment? What does the environment need to allow? What should it not allow? Why? Answer those, and the path forward will become more clear.

If you're paranoid enough to ask those questions (1)

Kjella (173770) | about a year ago | (#42396639)

If you're paranoid enough to ask those questions, then I'd suggest an air-gapped computer. Anything you want to install on it use a USB stick, so what if it has or installs a backdoor? There's no way to talk to that backdoor anyway. Unless you think somebody is going to create a custom trojan to infect the machine, extract whatever it wants and store it on the USB stick, then upload it to the mothership next time you plug it into an Internet-enabled computer. But if that's a concern you should probably put your computer in a Faraday cage in a vault too, because then you must have a three letter agency on your tail.

Pen and paper? (0)

Anonymous Coward | about a year ago | (#42396643)

Pen and paper?

erroneus (253617) FatASS needs PIZZA (-1)

Anonymous Coward | about a year ago | (#42396647)

"Oh... to eat pizza again..." by erroneus (253617) on Saturday December 22, @05:20PM (#42371769) from http://slashdot.org/comments.pl?sid=3335159&cid=42371769 [slashdot.org] since that disgusting fatbody pig is a waste of life obese swine with no dick!

APK needs to take his meds. (-1)

Anonymous Coward | about a year ago | (#42396669)

APK, your doctor called.

He wants to remind you that you promised to take your medication.

Take it.

Using a separate computer just for on-line banking (2)

AmongTheBoulders (2672061) | about a year ago | (#42396695)

I have thought about possibly using one computer just for on-line banking and another computer for everything else. That way the computer that is used for on-line banking would most likely never have been exposed to any websites, email messages, or anything else which would be likely to contain malware. The computer that I would use for on-line banking would probably either use Linux or be a Mac.

I would not be 100% sure that the computer used for on-line banking is clean, but that is probably about the best that I could easily do. I am not an expert on computers or computer security, but that seems like one possible reasonable precaution.

My main desktop computer runs Linux, by the way, so if I were ever to add an on-line banking only computer, I would probably choose Linux for it too.

Re:Using a separate computer just for on-line bank (1)

bmo (77928) | about a year ago | (#42396781)

>use an entirely separate computer.

No. You don't have to. If you can boot from a USB port or CD/DVD, use a live read-only OS and boot from it.

An example of it is here: http://www.spi.dod.mil/lipose.htm [dod.mil]

You can do the same thing with other live distributions like Knoppix, Trinity, Ubuntu, etc.

Good grief... (1)

QuietLagoon (813062) | about a year ago | (#42396705)

If you are so unknowledgeable that you have to ask questions like the ones you asked, then the best way for you to compute securely is to use an abacus.

No matter how secure the OS is, no matter what security apps you are running; I am sure that you will find a way to bypass all that security and suffer an exploit.

Answers (0)

Anonymous Coward | about a year ago | (#42396707)

> Do Windows, OSX, and Linux have security holes?
> Does Windows supply a backdoor for the U.S. or other governments?
> Should you really trust your Linux multiverse repository?
> Do Google and Apple data mine your private mobile phone data for private information?
> Does Ubuntu's sharing of my data with Amazon compromise my privacy?
> Can the U.S. Government seize your cloud data without a warrant?
> Can McAfee or Kaspersky really be trusted?

I would trust Eugene Kaspersky over John McAfee

> What should we do if we don't have $21.4M USD?

Work for the government

> Is it safe to buy a PC from any manufacturer?
> Is it even safe to buy individual computer components and assemble one's own machine?
> Or might the motherboard firmware be compromised?
> What steps can one take to ensure a truly secure computing environment?

Disconnect from the internet

> Is this even possible?
> Can anyone recommend a through checklist or suggest best practices?

Step one: Put someone else in charge of security

security? no. (1)

swschrad (312009) | about a year ago | (#42396709)

any machine that has been used can be compromised. just like your living room, if a thug REALLY wants to get in, they will.

your task, therefore, gentlemen, is to be as frikkin BORING as possible. please to start with best Star Trek captain. nobody will bother you then.

Layers (2)

llZENll (545605) | about a year ago | (#42396785)

Layer 1 (most secure): strictest confidential information, for storage purposes only. system locked metal room with no windows and no internet, system locked in cage with access to display, keyboard, mouse, and drive, all data read/written to drive is permanently logged, connected to layer 2 via sneaker-net.

Layer 2: strictest confidential creation and reference. internal LAN only systems, user endpoints are read only and contain no drives or usb. server is in locked room with limited access and contains files accessed by users, as well as user endpoints with write capability, connected to layer 3 via sneaker-net.

Layer 3: confidential creation and reference. internal LAN with write ability to files, temporarily read only network connectable to layer 4 via password.

Layer 4: normal productivity with confidential read access. normal internet connected network, usb and drives on centrally located system controlled by admin, all I/O logged.

If seriously (1)

Max_W (812974) | about a year ago | (#42396787)

More often than not computers and servers are intruded by spammers to install spam-sending bots. So, join a spam reporting scheme on a regular basis, for example: http://blackhole.mx/ [blackhole.mx] Only human smartness can counter human smartness.

Use at least 2 operating systems, at least 2 browsers, at least 2 office applications, etc. Because if there is one and only one monopoly software or hardware vendor, it is much easier for it to get corrupted. A realistic competition is the best measure against corruption.

You raised serious questions of civilizational scale. As with any serious problem, the problem of security can be solved by systematic work and communication, at least partially. It will always be a running battle between good and evil.

Not too hard.. (1)

nurb432 (527695) | about a year ago | (#42396913)

1 - Reload all computers that come in the door with *your* load.
2 - Lock down hardware to prevent things like USB from working.
3 - GPO (or equivalent on *nix). Lock down the OS; users don't need to be installing things. That's your job.
4 - Monitor, monitor, monitor... Both at the PC level and network.
5 - No BYOD.

How secure is secure, and what from? (0)

Anonymous Coward | about a year ago | (#42396981)

How secure is "secure"? There are plenty of tradeoffs to be had.

More explicitly, security is a vague term. More specifically, what threats is one concerned about?

Physical threats: Use disk encryption, multiple physical measures, locks with different keys (a HID lock for the outer doors, a high security lock for the hall, and a high security lock of a different make for the actual room), have insurance, use heavier case enclosures for desktops, cages for laptops if the Kensington lock port isn't up to snuff, add alarms and armed guards as needed.

Threats of privacy: Don't use the cloud, or if one does, use encryption. Have a content filter like BlueCoat that drops IP addresses of ad servers. Use a jail system (or just a dedicated user) for various Web browsing, so one's banking is in a separate sandbox/partition/VM than one's pr0n browsing. Keeping things split up reduces the ability to be tracked across sites. Of course, Adblock, and add-on blocking at the minimum.

Threats for offsite media: Most enterprise backup applications have encryption facilities built in, and are fairly simple to turn on and use. Just make sure to save the keys somewhere secure.

Threats against government seizure: Something other people might suggest ideas for.

Threats against remote attacks: For servers that sign packages, might just have them completely offline unless it requires some automation. Firewalls are important, both the external firewall, as well as internal ones. Separation of duties is important.

Threats against remote users (such as laptops stolen): Citrix Receiver comes to mind coupled with SecurID. Yes, the remote employee can still be coerced, but a stolen laptop would have zero data on it that a thief can use. Of course, there is disk encryption which is a must to ensure the OS has not been tampered with, but not having the data on the laptop in the first place if at all possible will solve a number of headaches.

Internal employee threats: This is more of an HR problem than anything else. Piss off employees too much and they will bypass any measure in place. If push comes to shove, cameras are incredibly tiny, and don't just come on cell phones. It is understandable to have some goof-proofing (such as in sensitive parts of the company, like finance, the machines wouldn't accept USB flash drives), but I've seen businesses tear themselves to pieces worrying about what their employees might do, and the result is that the good people bail for better gigs, and everyone else might stay until their resumes are fleshed out enough, or they might just hold out until they get canned so they get unemployment. Yes, there are always spies, but generally someone's career is put in the shitter if they are ever discovered trying to get data out deliberately, so they usually end up being a problem once.

If really worried about sensitive data, compartmentalize it and have good audit controls in place. That is good enough to deter all but the people who will sacrifice their careers.

Mobile phones: Wait until there is a solution by Android makers using the "worlds" functionality on the ARM CPU, use an app like TouchDown to keep Exchange data separate from personal data. iOS has the Divide app and decent security (no jailbreak even talked about, much less in beta for the iPhone 5), so that might be an acceptable risk. There are always Exchange policies as well.

Legal protection: Hire a lawyer and have them do the work. There is a lot of advice floating around, a good amount useful, but if one is concerned about legal matters such as compliance with SOX or other things, just get the legal eagles in to do the job right.

brain (0)

Anonymous Coward | about a year ago | (#42397029)

I already have a secure computing environment called my brain.
just don't show it any prn

No such thing as security (0)

Anonymous Coward | about a year ago | (#42397049)

These days, even the human brain can be decoded with RF-based neural interfaces. Security or secrecy are fallacies, a complete non-starter. The goal of any security team is to ensure majority functionality in a hostile environment.

That's it.
