What to install for a "secure" computer

playdafunkimuzic · 2010-07-14 15:38:06

Hi,

I was recently reading something online that made me quite paranoid...I always have used FF with adblockplus, but that's about it. So I went ahead and installed noscript, and privoxy + tor. What else can I install to ensure a super secure machine? Which firewall is recommended?

PirateJonno · 2010-07-14 15:41:19

a package manager that supports digital signatures? if you're looking for paranoid security, arch probably isn't the right distro (for now anyway, hopefully we will have package signing in the near future)

dyscoria · 2010-07-14 16:28:54

You'll probably also want to switch to Fedora which is the (only?) distro with good support for SELinux.

karol · 2010-07-14 17:16:10

> What to install for a "secure" computer
As few apps as possible + switch to OpenBSD :-)

Awebb · 2010-07-14 17:29:51

playdafunkimuzic wrote:

What else can I install to ensure a super secure machine?

Disconnect it from the internet.

nixpunk · 2010-07-14 17:31:24

Awebb wrote:

playdafunkimuzic wrote:
What else can I install to ensure a super secure machine?
Disconnect it from the internet.

You stole my words...

pogeymanz · 2010-07-14 19:11:00

playdafunkimuzic wrote:

Hi,
I was recently reading something online that made me quite paranoid...I always have used FF with adblockplus, but that's about it. So I went ahead and installed noscript, and privoxy + tor. What else can I install to ensure a super secure machine? Which firewall is recommended?

In all seriousness, Fedora is probably a good bet for a secure distro because it's package manager has package signing (Arch does not yet), meaning it would be harder for someone to "trick" your computer into installing a malicious package. Obviously, there are still plenty of people using Arch, so this is not a huge threat. Fedora also has SELinux installed and configured by default, I think. SELinux gives each app a more finely tuned set of permissions. Theoretically, I could run App A and it could change the setting for App B just because it has access to my whole home directory. SELinux fixes that and much more advanced stuff.

If you are only afraid of the scary internet corporations (Google, Your ISP, Your Government), like I am, you can also look into installing Ghostery Firefox extension or setting NoScript to block "Web Bugs" (it's in the advanced tab, I believe).

Also make sure that all cookies are deleted when Firefox closes.

Also make sure to block "flash cookies." Do a search for LSO's or install BetterPrivacy Firefox extension.

Use Ixquick or Scroogle for your web searches instead of Google.

Software firewalls are redundant if you are behind a router, so that shouldn't help you sleep at night.

loafer · 2010-07-14 19:16:25

If you really want a super secure computer you are missing the point. The real issue in this case is physical access to the box. If you can tie that down, then start looking at firewalls etc. If someone can walk up to the computer ...

playdafunkimuzic · 2010-07-14 23:12:19

These are the sorts of things I was looking for guys, just a little bit of security Thanks. Please, more tips.

Xyne · 2010-07-15 00:26:50

playdafunkimuzic wrote:

Hi,
I was recently reading something online that made me quite paranoid...I always have used FF with adblockplus, but that's about it. So I went ahead and installed noscript, and privoxy + tor. What else can I install to ensure a super secure machine? Which firewall is recommended?

You might be interested in the RequestPolicy add-on too. Btw, when using privoxy+tor, keep in mind that your connection is only anonymous, not secure. If you connect to a site via HTTP and then log in, the Tor exit node can capture your packets and glean your login data.* When using Tor, only log in to sites that support end-to-end encryption (e.g. HTTPS, SSL, etc).

If you need a firewall, read up on iptables usage.

* This isn't just theoretical. People have run Tor exit nodes and captured login information for thousands of users, including corporate intranet logins etc.

playdafunkimuzic · 2010-07-15 01:47:43

Is Tor really necessary, outside of anonymity. It is quite slow... is there a better alternative?

skottish · 2010-07-15 02:43:57

playdafunkimuzic wrote:

Is Tor really necessary, outside of anonymity. It is quite slow... is there a better alternative?

Search for 'tor detection' and find out just how safe it is. People have been able to detect tor proxies for a while. Imagine that. The same people that understand them figured out how to detect them.

My advice? Listen to what others have already said here and be smart. Paranoia will find you far more problems than you actually have.

ngoonee · 2010-07-15 02:47:58

skottish wrote:

Paranoia will find you far more problems than you actually have.

Legendary quote. Online security, like real-life security, has far more to do with your practices than your technology.

kaizoku · 2010-07-15 15:17:23

You need a firewall, DO NOT ignite your wall, it might burn some cables.

Arch Linux

#1 2010-07-14 15:38:06

What to install for a "secure" computer

#2 2010-07-14 15:41:19

Re: What to install for a "secure" computer

#3 2010-07-14 16:28:54

Re: What to install for a "secure" computer

#4 2010-07-14 17:16:10

Re: What to install for a "secure" computer

#5 2010-07-14 17:29:51

Re: What to install for a "secure" computer

#6 2010-07-14 17:31:24

Re: What to install for a "secure" computer

#7 2010-07-14 19:11:00

Re: What to install for a "secure" computer

#8 2010-07-14 19:16:25

Re: What to install for a "secure" computer

#9 2010-07-14 23:12:19

Re: What to install for a "secure" computer

#10 2010-07-15 00:26:50

Re: What to install for a "secure" computer

#11 2010-07-15 01:47:43

Re: What to install for a "secure" computer

#12 2010-07-15 02:43:57

Re: What to install for a "secure" computer

#13 2010-07-15 02:47:58

Re: What to install for a "secure" computer

#14 2010-07-15 15:17:23

Re: What to install for a "secure" computer

Board footer