Re: [liberationtech] Ubuntu Privacy Remix remix?
On Wed, Nov 06, 2013 at 01:21:20PM -0800, Matt Johnson wrote:

> Sorry Eugen, I am still not getting it. You will author content in isolation, without reference to any information at all? Or perhaps in

Let's say you're a journalist working with Snowden's leaked documents. Would you be comfortable with keeping any of these materials online at any time?

> a library with books on paper? When I author something I constantly refer to other material.

Nobody prevents you from referring to external materials. This is why you buy an additional machine, and keep it strictly quarantined. And you *should* try to keep your main Internet-facing machine secure (e.g. by compartmentalization, and using hardened, amnesiac virtual appliances, preventing targeted spearphishing by using anonymization), just do not expect that it's a complete protection. Even an air-gapped machine is not a complete protection, if your physical security is inadequate to prevent an evil maid attack, or a TEMPEST attack. It all depends on your threat model.

> Let's say you write something, then burn it to CD and transfer it to a networked system and send it out. Isn't it now subject to traffic analysis and perhaps malware injection? It is only secure if you

Use anonymizing networks and encryption against traffic analysis and tampering with documents.

> author it and never move it from the air gapped computer.

This is incorrect. You can move your documents back and forth, provided you take precautions about what you transfer, and how.

> If you take Griffin's point that connecting a USB stick, or external

You'll notice e.g. Bruce Schneier made very specific recommendations about using sneakernet for document transfers. Your chiefest potential vector is sloppy code in USB device insertion processing. I'm not sure hotplug SATA or CF is any better. This is something which needs focused attention.

> hard drive is dangerous, and that PDFs are dangerous then I don't

Security is never boolean. You can avoid richer formats, or revert to safer (e.g. PDF-A) forms to minimize attack surface exposure.

> think you can do much with that air gapped computer. I am asking a serious question, what are realistic use cases for an air gapped computer?

Keeping your main keys for signing really important materials, and proof of identity. Keeping extremely sensitive documents secure. Every activist should have one. Buy a used notebook, have it modified by technical people you trust to minimize risk if it really matters.

--
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Ubuntu Privacy Remix remix?
d.nix:

> On 11/5/2013 2:35 PM, anon14...@safe-mail.net wrote:
>
>> It's about making a box really offline. Privacy is just part of the name of the distro from my example. Privacy is coming anyway. Security is about not getting my computer stolen. And for that I want to have full disk encryption.
>
> I would heartily second Whonix then; You run whatever OS you like on the box that will support VirtualBox, and then Whonix runs two customized Debian VM's inside that, with one being a Tor gateway, and the other configured to *only* talk to that gateway. You can run full disk encryption on the hardware and everything is locked down tight. For the uber paranoid, you could install your VM's and Whonix inside a TrueCrypt hidden volume and *nothing* will show short of a major forensics tear down of your physical device - or crappy OPSEC on your part...

So «it's about making a box offline» gives me an answer about how I can stick a few virtual machines on top of each other to get what? Networking! I am really really sorry, but dude, what does **offline** mean to you? Paying someone to install a third and fourth ethernet card? I'll quote my original message and let you find out how pushing Whonix fits the bill:

anon14...@safe-mail.net:

> Trying the now rather dated Ubuntu Privacy Remix I figured out any recent distribution would do. Just the ability to disable networking by hand and that's all. It has to be made for flash media. Meaning writing to the disk only if necessary. It would be nice to be privacy aware, meaning it can have at least some part encrypted. It has to be able to interact with encrypted drives. Luks, encfs, truecrypt. But do you know anything that would fit the bill? Security is of no interest for such a distribution.
Re: [liberationtech] Ubuntu Privacy Remix remix?
I fail to grasp the utility of such an offline computer. If you keep a computer air gapped as you describe you will not be able to do much with it. What do you want the air gapped computer for?

--
Matt Johnson

On Wed, Nov 6, 2013 at 9:18 AM, Griffin Boyce grif...@cryptolab.net wrote:

> anon14...@safe-mail.net wrote:
>
>> I am really really sorry, but dude, what does **offline** mean to you?
>
> Buy a dedicated machine for your offline activities, physically remove the wireless card(s), disable the bluetooth module, and remove all network drivers. If something is fully air-gapped forever, then operating system is virtually irrelevant. There are sufficiently advanced removable-media exploits that can hitch a ride on your USB sticks and external hard drives and even your PDFs. For ~additional~ levels of protection, remove your hard drive entirely and use an easily-discarded operating system like Whonix or even Puppy Linux on a CD.
>
> ~Griffin
>
> --
> Be kind, for everyone you meet is fighting a hard battle.
> PGP: 0xD9D4CADEE3B67E7AB2C05717E331FD29AE792C97
> OTR: sa...@jabber.ccc.de
Re: [liberationtech] Ubuntu Privacy Remix remix?
On Wed, Nov 06, 2013 at 10:54:34AM -0800, Matt Johnson wrote:

> I fail to grasp the utility of such an offline computer. If you keep a

You must have nothing to hide, then. Some of us do.

> computer air gapped as you describe you will not be able to do much with it.

Gee, how about authoring content, and encrypting it, and transferring it via sneakernet to your insecure system. That way untrusted network doesn't start at your router, but at your main machine.

> What do you want the air gapped computer for?

Gee, this is exactly the kind of questions which TLAs would love to have answered. But no longer can exfiltrate stealthily. That alone should give you sufficient reason to pay for an air-gapped computer.
Re: [liberationtech] Ubuntu Privacy Remix remix?
Sorry Eugen, I am still not getting it. You will author content in isolation, without reference to any information at all? Or perhaps in a library with books on paper? When I author something I constantly refer to other material.

Let's say you write something, then burn it to CD and transfer it to a networked system and send it out. Isn't it now subject to traffic analysis and perhaps malware injection? It is only secure if you author it and never move it from the air gapped computer.

If you take Griffin's point that connecting a USB stick, or external hard drive is dangerous, and that PDFs are dangerous then I don't think you can do much with that air gapped computer. I am asking a serious question, what are realistic use cases for an air gapped computer?

Thanks

--
Matt Johnson

On Wed, Nov 6, 2013 at 12:32 PM, Eugen Leitl eu...@leitl.org wrote:

> On Wed, Nov 06, 2013 at 10:54:34AM -0800, Matt Johnson wrote:
>
>> I fail to grasp the utility of such an offline computer. If you keep a
>
> You must have nothing to hide, then. Some of us do.
>
>> computer air gapped as you describe you will not be able to do much with it.
>
> Gee, how about authoring content, and encrypting it, and transferring it via sneakernet to your insecure system. That way untrusted network doesn't start at your router, but at your main machine.
>
>> What do you want the air gapped computer for?
>
> Gee, this is exactly the kind of questions which TLAs would love to have answered. But no longer can exfiltrate stealthily. That alone should give you sufficient reason to pay for an air-gapped computer.
Re: [liberationtech] Ubuntu Privacy Remix remix?
On 11/06/2013 04:21 PM, Matt Johnson wrote:

> Sorry Eugen, I am still not getting it. You will author content in isolation, without reference to any information at all? Or perhaps in a library with books on paper? When I author something I constantly refer to other material.

You know most computers come standard with harddrives where you can store documents and stuff. It's kind of like the cloud, except on your own computer and without a requirement to agree to an incomprehensible, probably-evil ToS.

> Let's say you write something, then burn it to CD and transfer it to a networked system and send it out. Isn't it now subject to traffic analysis and perhaps malware injection?

It's not subject to malware injection if it's signed with a Bitcoin key, or a PGP key, etc. It's not necessarily subject to traffic analysis if one distributes it over Tor. But even if the non-air-gapped machine running Tor gets pwned with a zero-day or some other type of attack through the internet, the attacker does not get the Bitcoins/PGP private key, etc., because those things are only found on the air-gapped machine.

> It is only secure if you author it and never move it from the air gapped computer.

See above. Even so, you seem to be ignoring the most important use cases where the reference material is only stored on the air-gapped machine. I'd assume that's how the journalists reporting on the Snowden leaks work. (Or at least they should.)

> If you take Griffin's point that connecting a USB stick, or external hard drive is dangerous, and that PDFs are dangerous then I don't think you can do much with that air gapped computer. I am asking a serious question, what are realistic use cases for an air gapped computer?

Protecting leaked documents and Bitcoin tokens are the two most obvious cases. Essentially any case where you cannot afford for the data to get stolen, but where it's impossible or impractical to use non-digital media like paper.

-Jonathan
Re: [liberationtech] Ubuntu Privacy Remix remix?
On Wed, Nov 6, 2013 at 3:56 PM, Jonathan Wilkes jancs...@yahoo.com wrote:

> On 11/06/2013 04:21 PM, Matt Johnson wrote:
>
>> Sorry Eugen, I am still not getting it. You will author content in isolation, without reference to any information at all? Or perhaps in a library with books on paper? When I author something I constantly refer to other material.
>
> You know most computers come standard with harddrives where you can store documents and stuff. It's kind of like the cloud, except on your own computer and without a requirement to agree to an incomprehensible, probably-evil ToS.
>
>> Let's say you write something, then burn it to CD and transfer it to a networked system and send it out. Isn't it now subject to traffic analysis and perhaps malware injection?
>
> It's not subject to malware injection if it's signed with a Bitcoin key, or a PGP key, etc. It's not necessarily subject to traffic analysis if one distributes it over Tor. But even if the non-air-gapped machine running Tor gets pwned with a zero-day or some other type of attack through the internet, the attacker does not get the Bitcoins/PGP private key, etc., because those things are only found on the air-gapped machine.
>
>> It is only secure if you author it and never move it from the air gapped computer.
>
> See above. Even so, you seem to be ignoring the most important use cases where the reference material is only stored on the air-gapped machine. I'd assume that's how the journalists reporting on the Snowden leaks work. (Or at least they should.)
>
>> If you take Griffin's point that connecting a USB stick, or external hard drive is dangerous, and that PDFs are dangerous then I don't think you can do much with that air gapped computer. I am asking a serious question, what are realistic use cases for an air gapped computer?
>
> Protecting leaked documents and Bitcoin tokens are the two most obvious cases. Essentially any case where you cannot afford for the data to get stolen, but where it's impossible or impractical to use non-digital media like paper.
>
> -Jonathan

Jonathan, I don't think you are following the whole thread. I understand the value of removing a computer from the network, once you have installed the software you need and put the data you want on it. Griffin suggested never connecting a USB stick, or external drive or copying PDFs to the air gap computer. I have asked how that air gapped computer would be useful. Apparently the point is too subtle.

--
Matt Johnson
Re: [liberationtech] Ubuntu Privacy Remix remix?
> Jonathan, I don't think you are following the whole thread. I understand the value of removing a computer from the network, once you have installed the software you need and put the data you want on it. Griffin suggested never connecting a USB stick, or external drive or copying PDFs to the air gap computer. I have asked how that air gapped computer would be useful. Apparently the point is too subtle.

Griffin pointed out that there are ways to infect a machine via usb sticks and HD's, but never said not to use them. But regardless, you could still use the air gapped machine for only document creation and encryption, and as a static repository for your data, and using write once cd-r discs to export. The OP specified using flash memory, so I assume he means usb drives or sd cards.

DN
[liberationtech] Ubuntu Privacy Remix remix?
Trying the now rather dated Ubuntu Privacy Remix I figured out any recent distribution would do. Just the ability to disable networking by hand and that's all. It has to be made for flash media. Meaning writing to the disk only if necessary. It would be nice to be privacy aware, meaning it can have at least some part encrypted. It has to be able to interact with encrypted drives. Luks, encfs, truecrypt. But do you know anything that would fit the bill? Security is of no interest for such a distribution.
Re: [liberationtech] Ubuntu Privacy Remix remix?
anon14...@safe-mail.net wrote:

> Trying the now rather dated Ubuntu Privacy Remix I figured out any recent distribution would do. Just the ability to disable networking by hand and that's all.

There are some really good options out there, including:

TAILS: https://tails.boum.org/about/
Whonix: https://www.whonix.org/ https://www.whonix.org/wiki/Main_Page

Both are Linux OSs, both run off of USB sticks, and both have very strong privacy-preserving properties.

> Security is of no interest for such a distribution.

This is a bit pedantic of me, but ensuring privacy requires security. ;-)

Let us know how it goes!

~Griffin

--
Be kind, for everyone you meet is fighting a hard battle.
PGP: 0xD9D4CADEE3B67E7AB2C05717E331FD29AE792C97
OTR: sa...@jabber.ccc.de