You are not logged in.
Pages: 1
Hi,
I was recently reading something online that made me quite paranoid...I always have used FF with adblockplus, but that's about it. So I went ahead and installed noscript, and privoxy + tor. What else can I install to ensure a super secure machine? Which firewall is recommended?
Offline
a package manager that supports digital signatures? if you're looking for paranoid security, arch probably isn't the right distro (for now anyway, hopefully we will have package signing in the near future)
"You can watch for your administrator to install the latest kernel with watch uname -r" - From the watch man page
Offline
You'll probably also want to switch to Fedora which is the (only?) distro with good support for SELinux.
flack 2.0.6: menu-driven BASH script to easily tag FLAC files (AUR)
knock-once 1.2: BASH script to easily create/send one-time sequences for knockd (forum/AUR)
Offline
> What to install for a "secure" computer
As few apps as possible + switch to OpenBSD :-)
Offline
What else can I install to ensure a super secure machine?
Disconnect it from the internet.
Offline
playdafunkimuzic wrote:What else can I install to ensure a super secure machine?
Disconnect it from the internet.
You stole my words...
Offline
Hi,
I was recently reading something online that made me quite paranoid...I always have used FF with adblockplus, but that's about it. So I went ahead and installed noscript, and privoxy + tor. What else can I install to ensure a super secure machine? Which firewall is recommended?
In all seriousness, Fedora is probably a good bet for a secure distro because it's package manager has package signing (Arch does not yet), meaning it would be harder for someone to "trick" your computer into installing a malicious package. Obviously, there are still plenty of people using Arch, so this is not a huge threat. Fedora also has SELinux installed and configured by default, I think. SELinux gives each app a more finely tuned set of permissions. Theoretically, I could run App A and it could change the setting for App B just because it has access to my whole home directory. SELinux fixes that and much more advanced stuff.
If you are only afraid of the scary internet corporations (Google, Your ISP, Your Government), like I am, you can also look into installing Ghostery Firefox extension or setting NoScript to block "Web Bugs" (it's in the advanced tab, I believe).
Also make sure that all cookies are deleted when Firefox closes.
Also make sure to block "flash cookies." Do a search for LSO's or install BetterPrivacy Firefox extension.
Use Ixquick or Scroogle for your web searches instead of Google.
Software firewalls are redundant if you are behind a router, so that shouldn't help you sleep at night.
Offline
If you really want a super secure computer you are missing the point. The real issue in this case is physical access to the box. If you can tie that down, then start looking at firewalls etc. If someone can walk up to the computer ...
All men have stood for freedom...
For freedom is the man that will turn the world upside down.
Gerrard Winstanley.
Offline
These are the sorts of things I was looking for guys, just a little bit of security Thanks. Please, more tips.
Offline
Hi,
I was recently reading something online that made me quite paranoid...I always have used FF with adblockplus, but that's about it. So I went ahead and installed noscript, and privoxy + tor. What else can I install to ensure a super secure machine? Which firewall is recommended?
You might be interested in the RequestPolicy add-on too. Btw, when using privoxy+tor, keep in mind that your connection is only anonymous, not secure. If you connect to a site via HTTP and then log in, the Tor exit node can capture your packets and glean your login data.* When using Tor, only log in to sites that support end-to-end encryption (e.g. HTTPS, SSL, etc).
If you need a firewall, read up on iptables usage.
* This isn't just theoretical. People have run Tor exit nodes and captured login information for thousands of users, including corporate intranet logins etc.
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
Is Tor really necessary, outside of anonymity. It is quite slow... is there a better alternative?
Offline
Is Tor really necessary, outside of anonymity. It is quite slow... is there a better alternative?
Search for 'tor detection' and find out just how safe it is. People have been able to detect tor proxies for a while. Imagine that. The same people that understand them figured out how to detect them.
My advice? Listen to what others have already said here and be smart. Paranoia will find you far more problems than you actually have.
Offline
Paranoia will find you far more problems than you actually have.
Legendary quote. Online security, like real-life security, has far more to do with your practices than your technology.
Allan-Volunteer on the (topic being discussed) mailn lists. You never get the people who matters attention on the forums.
jasonwryan-Installing Arch is a measure of your literacy. Maintaining Arch is a measure of your diligence. Contributing to Arch is a measure of your competence.
Griemak-Bleeding edge, not bleeding flat. Edge denotes falls will occur from time to time. Bring your own parachute.
Offline
You need a firewall, DO NOT ignite your wall, it might burn some cables.
Offline
Pages: 1