This will be a bit of a long post, so if network security doesnt interest you, skip it. You wont hurt my feelings. Ive been asked a lot recently about why I propound Linux so much with regard to private communications. Ive even been made fun of when one of my servers go down due to my playing around and I spend two days putting it all back together. Its not because its bulletproof, no, to be honest, many distros of Linux have also been compromised. However, Linux is edited and written by users for users, and such compromises are usually detected and patched before they can become hacking SOP. Commercial operating systems are written by corporations and businesses for the lowest common denominator, and infrequently and shoddily updated, requiring costly virus scanners, third party firewalls, and technical support. Few viruses affect Linux, for the simple fact that its very rare for the average user to have to go outside the free software repositories to install anything. Still, you can install third party programs if you want, and even install and run Windows software with the WINE layer. For most Linuc distros, iptables, a built in firewall already exists. Software like fail2ban can dictate how many login attempts are allowed before and IP is blacklisted for as long as you specify. Open source users want their computers to perform, closed source users want their systems user friendly with fuzzy logic and plug and play. With the latest distros, one can have both. But heres the kicker, and why I chose open source for security: A corporation can be cajoled into leaving a back door open for special interests, or in the interest of national security, and in the open source community, theres no one to bribe or threaten. If Canonical, KDE, Red Hat, or whoever decide to roll over, there are a hundred other distros which run the same kernel and can become the next Ubuntu. Changing desktop environments is as simple as typing a single line into the terminal and going out for dinner. Think of Micro$oft or Apple with an R&D staff of thousands (probably overly generous) against enough free independent software developers to fill a small nation. Theres no comparison. Then there are the live systems that dont even use a hard drive like TAILS, Liberte, and others, amnesiac systems that run off CD and flash drives, then wipe the RAM after exiting so even passcodes and keys are irrecoverable by cold boot attacks and the like... but I digress. The only real ways to permanently compromise a Linux system thats already running is physical access to the machine or unattended mail-order upgrades, and if that happens, Ive got bigger problems than computer security. I would need to lock the door to my house. Bottom line, theres no such thing as a completely secured system. If you can sit down at the keyboard and enter a password to gain access, so can someone else. Security is a sliding scale between accessibility and locked gates. If you run an open server, as I do, every gate out is a gate in. My other systems include a gamer and an airgapped notebook. Airgapping sensitive systems with no wireless network hardware, and having them with you at all times with nothing sensitive on the drives is probably one of the best steps. Well, thats a lot of information. If you go Linux, let me know. Its definitely the first step in a PRISM break. Power to the penguins!
Posted on: Tue, 11 Mar 2014 03:44:04 +0000
Trending Topics
Recently Viewed Topics
© 2015