security / privacy article on la reg

  • Thread starter Testin da Cable

Testin da Cable

Guest
Thomas C. Greene, of Register fame, has graced us with yet another article on security and privacy for [linux] users. Though the article is geared towards linux peeps running kde as a desktop, the concepts the article builds on are a good thing to be aware of. Especially users of *cough* less security conscious operating systems ;)
 
xane

Guest
The article is interesting and informative but sort of mixes up "security" with "paranoia", there is the geeky side of us who like to be assured we're beating the hackers by refusing all access, but on the more practical side there is nothing to be gained by simply erasing caches and such, you just slow down your machine.

What the article fails to spot is the origin of questionable material, if I download some terrorist propaganda onto my machine then surely the authorities would be more interested in the source rather than the second-hand duplicate I have. Even if the post-9/11 fueled CIA were cracking down I doubt they have the funding and manpower to get around to checking my machine amongst the millions of others.

Of course, if I really _was_ involved in terrorist activities, then I might have something to worry about.

Joe average is more concerned with annoying pop-ups and software that tracks you for advertisement and marketing reasons, not if the Feds suddenly bust you when you're in the middle of downloading some Aria Giovanni vids.

What's the point in "securing" your machine only to fire up some spyware-laden P2P clone with its "please open all ports option" and SubSeven plug-in, then continue to download directly from someone else's unsecured and virus-riddled wormhole?

Greene often berates people like Gibson for overhyping the real or imagined threats to security, yet he does seem rather guilty of the same thing here. The "strap on RAM and erase the swapfile" is a bit excessive, don't you think?
 
Testin da Cable

Guest
A goodly portion of security is being paranoid, wouldn't you agree? If I can dream up evil things to do to my pc's os, that means others can too [or already have] thus anything I can do to thwart the potential miscreant is a boon. I differentiate like so: local and remote threats. How you deal with them is up to you basically.
Of course there is a rather wide grey area between ease of use and uber secure, thus unfriendly, computing. This is where the common sense of Joe Average comes in. If Joe is going to download terrorist_plot.doc from evilhost.com he's going to have to take serious precautions, some of which Thomas touched on, against the unlikely event that some government agency will come picking through his files while Joe is out golfing with his mates. On the other hand, if Joe merely wants to hide aria_lapdance.avi from his everloving wife some of the things Thomas outlined will be all he has to do.
Protecting yourself from the prying eyes on the internet, ie. the software that tracks you for advertisement and marketing reasons [and other reasons] as you said, is something entirely different. If you don't want to be tracked, due to moral issues or otherwise you will have to take steps to combat this like evaluating the programs you use, cookie control, firewalling, blocking pop-ups, encryption and other ways of anonymizing yourself and your data.
What bugs me is that for all the tricks you try to hide yourself, the marketing drones are fighting back with stuff like hidden fields, pop-ups that hide themselves, one-pixel counters, cookies and lines and lines of code in the web pages you visit. When a website refuses me entry because I don't have cookies enabled, javascript disabled or whatever I want to do evil to whatever bastard dreamed that up.

I know Joe Average doesn't give a damn, but imo he should be glad that I do.
 
xane

Guest
Originally posted by Testin da Cable
A goodly portion of security is being paranoid, wouldn't you agree?

No. There is a subtle but important difference.

My cache is useful in tracking where I have been and speeding up access, being _secure_ is preventing that information being accessed remotely or without authorization, being _paranoid_ is wiping it clean or disabling it because you don't trust the security.

Originally posted by Testin da Cable
If Joe is going to download terrorist_plot.doc from evilhost.com he's going to have to take serious precautions, some of which Thomas touched on, against the unlikely event that some government agency will come picking through his files while Joe is out golfing with his mates.

I think you missed my point, being (a) the Feds would be onto evilhost.com not you, and (b) breaking into your house requires some pre-emptive excuse anyway, the Feds will _already_ surmise you are guilty of something, they just need evidence, the mere downloading and presence of the file on your disk is not going to invoke any response at all.

Greene gives the impression that stuff on your disk can and will be used to "convict" you, this is incorrect, you will already be convicted by the time they take the machine away.
 
Testin da Cable

Guest
Originally posted by Cama

My cache is useful in tracking where I have been and speeding up access, being _secure_ is preventing that information being accessed remotely or without authorization, being _paranoid_ is wiping it clean or disabling it because you don't trust the security.

ah, but we're [or at least Thomas] is talking about disabling disk caching and enabling memory caching in the case of a browser. Disabling a swapfile on the other hand because you're afraid of data it contains falling into the wrong hands may well seem paranoid to thee and me, but it depends how you define your level of security. If a firewall and some common sense is enough [and it usually is] then it's paranoid; if you sweep your lan every night and run terminals off of highly secure servers then it may well be standard procedure.


Originally posted by Cama
I think you missed my point, being (a) the Feds would be onto evilhost.com not you, and (b) breaking into your house requires some pre-emptive excuse anyway, the Feds will _already_ surmise you are guilty of something, they just need evidence, the mere downloading and presence of the file on your disk is not going to invoke any response at all.

Possibly, but a security agency may come into possession of your beloved pc through a different channel, thus clueing them in to the existence of evilhost.com from your logs, caches etc. The possibilities are many. I do agree that 'teh feds' will probably know about evilhost.com before Joe [potential] Terrorist finds out though.


Originally posted by Cama
Greene gives the impression that stuff on your disk can and will be used to "convict" you, this is incorrect, you will already be convicted by the time they take the machine away.

slight edit: it may be that they suspect you of evildoing and take your machine away for analysis. objects off your drive can be used as proof at a possible trial where you may be convicted of whatever you have done.



What I personally don't like about the article is that Thomas stresses a 'criminal' slant on things. He talks about 'forbidden information', 'surveillance' et al. All well and good in the China context, but Joe Average trying to keep spyware at bay isn't a criminal and shouldn't be painted with the same brush. [a marketeer using spyware may think differently though ;)]
 
xane

Guest
Originally posted by Testin da Cable
objects off your drive can be used as proof at a possible trial where you may be convicted of whatever you have done.

Oh yeah, that's right, all terrorists get a fair trial with convincing evidence nowadays, I quite forgot :rolleyes:

:)

Seriously though, I doubt very much that authorities have the manpower or finances to examine everybody, even a random sample. In cases where, for example, kiddie pics have been found by the repair dept at PC World are normally because (a) the police knew already or (b) the PC belonged to a famous person or (c) both.

The kind of "security" measures he describes are for people who are in deep shit already, proposing to disable cache or spend a fortune on RAM to avoid the swapfile is the geek equivalent of wearing a tinfoil hat.

/me goes off to watch Enemy of the State again.
 
Testin da Cable

Guest
I wasn't talking about..oh nm :)

btw...*looks around*...you mean tinfoil doesn't work? seriously?
 
PR.

Guest
Well I stick my finger up to Security.

I have a Wireless LAN at home without WEP enabled cos you get 43% more throughput

AND

I have my desktop machine setup for remote desktop so I can dial into it from work


I just keep a check on the DHCP records of my router every couple of days to make sure that no one has been using it...
 
danger

Guest
You wouldn't happen to know of ne good newbie security sort of guides would you... mainly for windows although I do use redhat as well.... Just got me thinking that for someone who auto accepts all cookies etc I don't want to be an advertisers dream anymore :p

heh
 
Testin da Cable

Guest
hmm well, I'll try. please be aware that I haven't read all of these. perhaps others can help out.

A quick search on google gives me the following:

techhelp has a page with some possibly useful tools.

winguides has lots of stuff. link goes straight to the security pages.

the ever lovely cert has something to say about the matter too. this is probably a bit more hefty. they offer links to other resources too.

the peeps at linuxsecurity have a nice page.

this one, also from linuxsecurity deserves its own link imo :)

these guys too.


there are loads and loads of sites and pages devoted to security in general. I still have some bookmarks here and there. in the mean time read! oh, and use your head :)
 
danger

Guest
oh, and use your head :)

*Headbutts his modem*

Much more secure :D

heh cheers TdC will start sifting through em.....

BTW. does anyone know how good anonymizer is? I was wondering mainly if using the proxy slows things down?

is that slightly over the top? Then again just because you're paranoid doesn't mean they're not out to get you!
 
xane

Guest
Originally posted by ^Danger
You wouldn't happen to know of ne good newbie security sort of guides would you... mainly for windows although I do use redhat as well.... Just got me thinking that for someone who auto accepts all cookies etc I don't want to be an advertisers dream anymore :p

heh

I'll give a metaphorical gritting of teeth here and suggest Gibson, but please bear in mind this guy is very prone to making outlandish remarks verging on the paranoid, however a certain page I think everyone should look at is his network "bondage" (snicker snicker) page, which shows how you can secure Windows right at the start before you get into firewalls etc.
 
legendario

Guest
Security on my machine is frighteningly lax :(

*thumbs TdCs guides*

*checks credit card statement*
 
