On Mon, May 2, 2011 at 3:05 AM, Kraktus <krak...@googlemail.com> wrote:
> On 1 May 2011 12:35, Charles Blair <c-bl...@illinois.edu> wrote:
>> B B Is the absence of a graphical browser from the base system
>> a statement that any attempt to do such things as look at
>> stuff on youtube is inherently unsafe?
>
> Not speaking officially, but, as I understand it, the general idea is
> that any unnecessary software is also an unnecessary security risk.
> Therefore, you should only run necessary software, which results in
> necessary security risks. What is necessary varies from one person to
> another, so OpenBSD ships with very little enabled by default ("secure
> be default") and you have to go install and enable the things that are
> necessary to you personally.
>
> I find it very empowering. Rather than being handed an insecure but
> feature-rich operating system and having to try to lock down the
> features I don't want, and ultimately fail because a) I'm not a good
> enough security expert and b) it's not even possible to lock down most
> operating systems as well as OpenBSD short of some major code
> revisions and audits... I get to choose which security risks are worth
> taking. Horray!
>
> I doubt there are any graphical browsers under the BSD license, which
> wouldn't help either. Things which are under a more restrictive
> license than that are generally segregated to ports and packages and
> not included in the main system.xxxterm works excellent with youtube html5 > >> B B Is tor considered a safe way to do anonymous browsing, or >> does openbsd recommend an alternative? > > I don't think the OpenBSD project offers any recommendations on that. > Anonymity is a different type of security than the type OpenBSD is > offering. (Of course, running OpenBSD will certainly foil many > attempts to break your anonymizing proxy by installing some kind of > spyware or something.) > > I believe the three major ones are Tor, JonDo, and i2p. The last is > really only useful for accessing their own internal i2p network. > (There's also Mixminion, although I think it's more academic than > useful at this point.) However, they are all reputable open source > projects, each with different strengths and weaknesses. Each needs the > browser or other application to be configured properly for optimum > anonymity. However, a detailed discussion on all that is really > outside the scope of this mailing lists, especially given that those > projects have their own mailing lists and forums. > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > https://anonymous-proxy-servers.net/forum/viewforum.php?f=8 > http://forum.i2p2.de/
