I had to chuckle at using a chainsaw for entry ... when I was in the
Engineers we were taught to never use doors or windows.  Chainsaw was a
good idea but for standoff, a LAW was a good choice.  The shaking produced
would set off pretty much anything the bad guys left behind for you.

Shawn is entirely correct about the absence of perfect security.  It is
really an economic problem though.  Drive up detection cost by making it
difficult to detect that a message exists in the first place.  Drive up
message acquisition cost by spreading the message data across different
media and across time.  Drive up analysis cost by using encryption.  It is
still possible to beat this; all this has done is increase the cost of the
effort.

The reason that CSIS, NSA, GCHQ and others hoover up so much data is
because these costs are so low. Just think how much more focus they would
bring to the problem if every sniffed email cost $1.00 to detect, acquire
and analyze (and store/search/collate)?

Cheers
John J
On Feb 13, 2015 1:57 PM, "Shawn Grover" <sgro...@open2space.com> wrote:

>  Besides taking the usual precautions (strong passwords, not running error
> prone software or operating systems, encryption, etc.) I have philosophical
> thoughts around security.
>
> Security is an illusion.  There will always be people who want what others
> have.  There is very little, or maybe absolutely nothing that can be done
> to prevent them from getting what they want, if they want it bad enough.
> The only thing that can really be done is to make it appropriately
> inconvenient to get to the protected items for those who are not
> authorized, or not especially determined to get past the safeguards.
>
> Think physical for a moment.  You may think that locking your doors and
> windows will keep people out of your house.  But if someone were suitably
> motivated to get into your house, windows can be smashed and doors can be
> picked or kicked in.  So you escalate and go with good/expensive locks that
> are less prone to being picked, you install steel reinforced doors and you
> put bars on your windows.  Again this does not stop anyone who is suitably
> motivated - they can take a chain saw to the wall and make their own
> entrance, take a blow torch to the bars and/or door, or just drive a truck
> through the front entrance.
>
> The point is that in a physical sense there is NOTHING you can do to
> absolutely keep people out.  All you can do is take reasonable precautions
> to protect what you deem valuable.  The more valuable the items, the more
> in depth a "reasonable" precaution would be.
>
> This all applies to digital as well.  There are ZERO ways to absolutely
> protect your data from those who are suitably motivated.  All the
> precautions that are routinely discussed are reasonable steps to prevent
> casual unauthorized access.  But if an unauthorized person were suitably
> motivated, there is plenty they can do to get to your data.  Botnets to
> perform decryption analysis, viruses/trojans to access the data before it
> is encrypted, monitoring traffic patterns, or just stealing the physical
> device.
>
> The lessons I have learned are this:
> 1. If you pass data into a medium you do not control, you no longer
> control your data.  (transmitting radio waves, talking in a busy
> restaurant, passing data through an ISP's networks, etc.) (I do not take
> credit for this - it was taught to me in electronic warfare training
> sessions in the late 80's with regards to radio communications, and still
> holds true today.)
> 2. If you do not want anyone to know something, then don't talk about it.
> The only sure secrets are the ones where only a single person knows them and
> knows OF them.
> 3. Context matters.  There will always be those who will take data out of
> context - accidentally or intentionally.  All we can do in this area is to
> try to provide the context with the data, or shortly after a "leak" takes
> place.
> 4. While we can be as paranoid (or not) with our own data as we choose,
> how others treat our data, or how we treat others' data, is often
> different.  Not much we can do about this other than be vigilant with our
> data, respect others' data, and correct problems when they come up.
> Unfortunately those with different ethical/moral values may not be playing
> by the same rules.
> 5. xkcd sums up the problems nicely: http://xkcd.com/538/ and
> http://xkcd.com/936/
>
> My thoughts.
>
> Shawn
>
>
> On 15-02-12 09:07 AM, Gustin Johnson wrote:
>
> A VPN just changes your exit point.  This means that your ISP loses
> visibility into your traffic but the VPN provider now gets this insight.
> All you have done is move your exit point, and if this endpoint exists in
> North America the people who can get access to your data via the ISP can just
> as easily get it from the VPN provider.  At best you can complicate this
> procedure, but that is only if you trust the VPN provider.
>
> A VPN also does nothing to ensure privacy since those problems are in the
> operating systems and browsers that we use.
>
> A VPN is useful when connecting to open wifi access points or other
> untrusted networks.
>
> The short short answer is that there are no easy shortcuts.  There are also
> no single solutions to the collection of problems John outlined.
>
> On Wed, Feb 11, 2015 at 7:37 PM, Joe S <joes...@shaw.ca> wrote:
>
>> how would using vpn compare to using these services? I have
>> heard that is good for privacy.
>>
>> On Tue, 10 Feb 2015 21:46:39 -0700
>> John Jardine <john.e.jard...@gmail.com> wrote:
>>
>> > There is a lot of info to cover here.
>> >
>> > The two fundamental blocks are anonymity and privacy ... they
>> > are different and require some different tools.
>> >
>> > Tor can protect your anonymity if you respect the limits of
>> > its use.
>> >
>> > Privacy can be accomplished in part by using a browser or OS
>> > that has no persistent data about you. During your browsing
>> > you must not disclose any personally identifying data, or any
>> > knowledge that can reasonably be traced back to you.
>> >
>> > E.g. If you use tor to sign on to Gmail you're done ... Google
>> > has enough info available to associate that session back to
>> > your real identity (assuming you have either an android phone
>> > or have used Google from home/work with your real name).
>> >
>> > This is a well researched topic and the tor website is a great
>> > resource to teach you exactly what you're trying to do.
>> >
>> > Cheers
>> > John J
>>
>>
>>   _______________________________________________
>> clug-talk mailing list
>> clug-talk@clug.ca
>> http://clug.ca/mailman/listinfo/clug-talk_clug.ca
>> Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
>> **Please remove these lines when replying
>>