How do YOU establish a secure computing environment?

sneakyimp (1161443) writes | about 2 years ago

Security 3

sneakyimp (1161443) writes "We've seen increasingly creative ways for bad guys to compromise your system like infected pen drives, computers preloaded with malware, mobile phone apps with malware, and a $300 app that can sniff out your encryption keys.
On top of these obvious risks, there are lingering questions about the integrity of common operating systems and cloud computing services. Do Windows, OSX, and Linux have security holes? Does Windows supply a backdoor for the U.S. or other governments? Should you really trust your Linux multiverse repository? Do Google and Apple data mine your private mobile phone data for private information? Does Ubuntu's sharing of my data with Amazon compromise my privacy? Can the U.S. Government seize your cloud data without a warrant? Can McAfee or Kaspersky really be trusted?
Naturally, the question arises of how to establish and maintain an ironclad workstation or laptop for the purpose of handling sensitive information or doing security research. DARPA has approached the problem by awarding a $21.4M contract to Invincea to create a secure version of Android. What should we do if we don't have $21.4M USD? Is it safe to buy a PC from any manufacturer? Is it even safe to buy individual computer components and assemble one's own machine? Or might the MOBO firmware be compromised?
What steps can one take to ensure a truly secure computing environment? Is this even possible? Can anyone recommend a thorough checklist or suggest best practices?"


Secure computing IS possible. (1)

symbolset (646467) | about 2 years ago | (#42379145)

All you have to do is design every single component of the computer from the individual transistors up with security in mind - and inspect the build to ensure that it is as-designed using an electron microscope. And then write the operating system and all the apps to never, ever trust their data. And then never, ever connect it to the Internet or any other device that's not equally trusted. And operate it only in a Faraday cage protected by a 300 km completely dead perimeter with no life forms or electronic devices - preferably somewhere in the Asteroid belt. And don't let any other person operate it.

But if you're going to go to all that trouble you might as well just not digitize your data anyway.

Re:Secure computing IS possible. (1)

Hyperhaplo (575219) | about 2 years ago | (#42379781)

I was going to say "Build your own CPU, motherboard, daughter cards, write your own code, OS, applications and all, and never allow it to connect to another device" but let's go with your answer :-)

Install a decent Linux distro (1)

overmoderated (2703703) | about 2 years ago | (#42380653)

For personal computers: Verify the signatures of all software before you install it. Use OpenSSH with PKI to tunnel all your traffic. Add a conditional firewall rule that blocks brute force attacks after three failed authentication attempts. Configure your firewall to block all unnecessary traffic. Install an IPS, such as Snort. Use rootkit scanners. Use strong passwords. No need to remember them. KeePassX and TrueCrypt can be useful tools. Google offers free and open source code to install your own 2-factor authenticator. It doesn't make any outside calls. Everything runs locally. Use proper encryption. Don't store anything in the cloud. Hard drives are too cheap to take a chance. There are plenty of plugins to secure your browser. There are plenty of reliable antivirus packages that you can use on Linux. They may be overkill, but very useful to scan a Windows partition. I'm sure I'm overlooking things, but feel free to add your own tips.

For sensitive computers: Don't connect to a public network. Use closed encryption. Use strict security protocols; the human factor is the weakest link in any type of security.