SEARCH

Enter your search query in the box above ^, or use the forum search tool.

You are not logged in.

#1 2013-02-10 19:30:22

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

The paranoid #! Security Guide

$ sudo apt-get install ecryptfs-utils cryptsetup

Last edited by chillicampari (2014-01-07 06:25:09)

Offline

Be excellent to each other!

#2 2013-02-10 19:34:39

VastOne
#! Ranger
From: V-Ger
Registered: 2011-04-26
Posts: 10,165
Website

Re: The paranoid #! Security Guide

An AMAZING contribution sorcerer's_apprentice, well done...

When anyone asks anything security, I will make sure to point them to this incredible post

Thank you!

Offline

#3 2013-02-10 19:38:54

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Offline

#4 2013-02-10 20:28:50

junkie
#! Junkie
Registered: 2012-05-04
Posts: 370

Re: The paranoid #! Security Guide

Very nice, thanks for the time put in to it.

Offline

#5 2013-02-10 20:42:35

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Last edited by sorcerer's_apprentice (2013-02-10 20:45:35)

Offline

#6 2013-02-10 21:58:06

saneks
#! Die Hard
Registered: 2009-10-01
Posts: 1,020

Re: The paranoid #! Security Guide

woah, great compilation! thanks!


eee701 user & other lap/desktops

Offline

#7 2013-02-10 22:34:45

vlax
#! CrunchBanger
From: Alcatraz
Registered: 2012-12-25
Posts: 101
Website

Re: The paranoid #! Security Guide

Offline

#8 2013-02-10 23:24:40

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Last edited by sorcerer's_apprentice (2013-02-11 01:12:24)

Offline

#9 2013-02-11 00:25:36

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Update:

I made several additions to the guide. I won't be starting a changelog here. So you have to consult your memory to identify what you haven't read before... wink

Offline

#10 2013-02-11 00:59:23

vlax
#! CrunchBanger
From: Alcatraz
Registered: 2012-12-25
Posts: 101
Website

Re: The paranoid #! Security Guide

Offline

#11 2013-02-12 13:19:33

MrPink
#! CrunchBanger
From: .dk
Registered: 2011-06-28
Posts: 213

Re: The paranoid #! Security Guide

Very interesting post. Would it make sense to do the /boot on a usb-stick trick with a system that dual boots an encrypted Windows 7 partition and an encrypted lvm with debian, or is such a system already too vulnerable?

Offline

#12 2013-02-12 14:32:56

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Last edited by sorcerer's_apprentice (2013-02-12 14:33:40)

Offline

#13 2013-02-12 14:41:56

MrPink
#! CrunchBanger
From: .dk
Registered: 2011-06-28
Posts: 213

Re: The paranoid #! Security Guide

Windows 7 has BitLocker, an encryption feature, but just like linux it needs an unencrypted /boot.
It was just me thinking out loud, and I don't need an encrypted Win7 (it's just for gaming).

Let me re-formulate the question: As I understand the /boot on a stick trick, the whole point is to avoid unencrypted data on the hdd. If so, would it defeat the purpose to do this on a system that dual boots with Windows (encrypted or not), since there is then bound to be unencrypted data on the disk?

Offline

#14 2013-02-12 14:59:35

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Last edited by sorcerer's_apprentice (2013-02-12 15:02:53)

Offline

#15 2013-02-12 16:58:02

gutterslob
#! Resident Bum
Registered: 2009-11-03
Posts: 3,207

Re: The paranoid #! Security Guide

Intrawebz security isn't something I'm great at, so this guide is most welcome. Marvelous stuff. Thanks for putting in the time.
Some stuff I've not heard of (tiger, evercookie, Netsukuku), so it should make some good reading, at the very least.

This thread needs a sticky, me thinks.

Still, I'd recommend against any application that requires Java, unless absolutely necessary, even if it's OpenJDK. Relying on Java to secure something is kind of like relying on a rusty machete to protect yourself from gun wielding militants, imho. The machete will give you tetanus way before the bullets even hit you.

Last edited by gutterslob (2013-02-12 17:01:17)


Point & Squirt

Offline

#16 2013-02-12 17:13:50

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Offline

#17 2013-02-12 17:28:51

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Last edited by sorcerer's_apprentice (2013-02-12 19:15:41)

Offline

#18 2013-02-12 17:43:42

el_koraco
#!/loony/bun
From: inside Ed
Registered: 2011-07-25
Posts: 4,749

Re: The paranoid #! Security Guide

Nice work man, you covered pretty much everything.

Offline

#19 2013-02-12 17:50:41

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Offline

#20 2013-02-14 01:08:24

DigitalJedi
#! CrunchBanger
From: Gaza
Registered: 2012-11-20
Posts: 120

Re: The paranoid #! Security Guide

Very nice guide!
I liked specially the encription part, and the link you posted to the video was awesome.
Bookmarked, saved and shared.
Thanks a lot! cool


"Do or do not. There is no try." ~ Master Jedi Yoda

Offline

#21 2013-02-14 05:20:36

vlax
#! CrunchBanger
From: Alcatraz
Registered: 2012-12-25
Posts: 101
Website

Re: The paranoid #! Security Guide

Offline

#22 2013-02-14 11:34:33

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Last edited by sorcerer's_apprentice (2013-02-14 11:36:16)

Offline

#23 2013-02-14 12:26:09

Bradi
#! CrunchBanger
From: Poland
Registered: 2013-01-21
Posts: 119

Re: The paranoid #! Security Guide

This is great, I've read it all twice already and I'm learning a lot from this, thanks sorcerer's_apprentice!

One suggestion though, as you keep adding new stuff to the guide, things might get a little chaotic. Some formatting such as clearly visible headlines and a table of contents would make it easier on the eyes. Forums don't seem to handle posts of this length very well (unless you split it into several posts and link to them from the first one). But there is a CB wiki, how about that?

Offline

#24 2013-02-14 13:15:03

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: The paranoid #! Security Guide

Last edited by sorcerer's_apprentice (2013-02-14 13:16:28)

Offline

Help fund CrunchBang, donate to the project!

#25 2013-02-14 20:02:03

bpsk31
New Member
Registered: 2013-02-14
Posts: 2

Re: The paranoid #! Security Guide

What an excellent guide sorcerer's_apprentice. I have implemented a number of the suggestions.

I thought I would mention eCryptfs, I'm not keen on encrypting my whole drive (yes I appreciate that can leave some security holes) and eCryptfs can be implemented after installion on the home directory. There are a few guides around to do this.

Just got one question, one of firefox's prefs has got me beat, I've searched high and low but I cannot find an answer, can anyone enlighten me please?

dom.battery.enabled     what is this for?

Offline

Board footer

Powered by FluxBB

Copyright © 2012 CrunchBang Linux.
Proudly powered by Debian. Hosted by Linode.
Debian is a registered trademark of Software in the Public Interest, Inc.
Server: bleh

Debian Logo