On Mon, Nov 26, 2007 at 03:16:58PM -0600, Ron Johnson wrote:

Let's look at this and see how feasible it is and still make having an internet connection worthwhile.

If you want a truly secure internet, don't use the internet. Buy a true copy of OpenBSD (since you can be more sure that it's real than someone's download-and-burn of Debian's). Never connect to the internet and use the computer locally only. I've heard that a top status-symbol at CIA is the NON-NETWORKED computer.
> If you want your internet existence to be totally secure:
> a) *Never* conduct financial transactions on-line,

OK. Telephone I guess. Do banks still have their own network or do they use the Internet (perhaps IPSec or something over standard Internet)?

> b) never give out any personally identifiable information,

OK.

> c) never discuss anything the least bit controversial,

Anything you say will be controversial to someone, or at least open to interpretation. Very few of us are skilled professional diplomats who live and breathe nuanced communication.

> d) never use a SIP phone[0],

OK.

> e) Skype seems secure, but the Germans[1] might have cracked
>    it and be blowing smoke in order to get Bad Guys to use
>    encrypted Skype,

Heh. Not that I know what a Skype is.

> f) use the w3m browser,

What is it that makes w3m more secure? Is it fewer features or is it really designed to be better? Presumably it doesn't have Java. Is it more secure than the Lynx (patched) that is included in OpenBSD base?

> g) use Mutt or Alpine,

I don't see Alpine in Etch. It makes sense that Mutt being only a MUA could be more secure than something that shares code with an unsecure browser. Why else?

> h) never send cleartext email,

Why? Or is it just that over time you build up a large amount of public writing that may give away hints that aren't noticeable in individual posts?

> i) only email a select group of friends & always use GPG,

So don't ask for help on DU?

> j) never use IM, bittorrent, ftp, etc,

IM: OK

bittorrent: OK, but why, if the MD5sum checks out?

ftp: Why? If you get the MD5sum via another route, e.g. http from another server? Would you include, e.g. cvs updates from openbsd.org (in order to get security patches) in this? I use an ftp mirror for my debian debs. Is it less secure than http?

> k) install minimal OpenBSD on your desktop,

While I'm sure the OBSD people would agree, with the same apps installed, is OBSD really more secure than Debian?

> l) run really-minimal OpenBSD on your tight firewall.

Ditto?

----

Other than not sending plain-text email (e.g. to DU) or using FTP, this looks really easy to follow.

Doug.