Skip to main content

View Diary: An NSA-proof operating system. Yes, for real. (171 comments)

Comment Preferences

  •  The only isolation is air space (12+ / 0-)

    Full stop.

    Please explain how any OS or internet transaction is secure when data is acquired by splitting the signal of Tier 1 backbone severs, which is how the NSA/FBI acquire the data.

    And with anything less than PFS encryption, you are easy game.

    I appreciate what you are trying to do, but unless you can answer the question about how this OS and any connected system using public internet resources or VPN solves the Tier 1 problem, you have not dealt with the fundamental problem.

    400ppm : what about my daughter's future?

    by koNko on Fri Jul 12, 2013 at 11:13:36 PM PDT

    •  And let me define air space (10+ / 0-)

      No connection to the internet, ever.
      No wireless ports connected to the system, i.e., no device or any installed device physically disconnected (verses turned off).
      No connection to storage devices that are ever connected to other systems failing the above criteria.

      Not what most people can live with.

      Anything less has some degree of vulnerability. Stuxnet proved the above rules.

      No OS is inherently safe. No application is inherently safe. No network is safe unless it is forever isolated as described.

      400ppm : what about my daughter's future?

      by koNko on Fri Jul 12, 2013 at 11:20:30 PM PDT

      [ Parent ]

    •  You're conflating the security of one's... (7+ / 0-)

      ...personal computer with browsing security on the internet.

      I haven't really discussed internet security.  This diary is about security FROM the internet - not ON it.

      Perhaps later - but I will point this out:

      Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.
      ~ Edward Snowden, here.

      It ain't called paranoia - when they're really out to get you. 6 points.

      by Jaime Frontero on Sat Jul 13, 2013 at 12:21:46 AM PDT

      [ Parent ]

      •  If you don't connect to the internet (2+ / 0-)
        Recommended by:
        sviscusi, J M F

        And have a strong password, pretty much any OS is secure. No?

        My point is only that once you venture on to the tubes, your data gets pipelined through a Tier 1 server and if it is in the USA or any foreign listening post where the NSA has a tap, it can be accessed. And the revelations in the past 2 days about how some companies cooperated with PRISM only reinforces this.

        You do have a knock-down case not to use any MS OS or applications, I don't see that OSX or Linux have quite the same built-in vulnerabilities (depends on implementation, and I use all 3 by necessity although I would "X" Windows if I could).

        Maybe Snowden thinks crypto can be relied on but some other ex-NSA with much better credentials than him on the subject disagree and 2 building in Oak Ridge full of Cray Jaguars and Titans dedicated to cryptographic research and decoding tasks suggest no one should bet on it.

        And another of Snowden's revelations suggests people who use crypto do so with the knowledge that the mere fact they have done so will flag their transactions for harvesting, analysis and storage, and that because they contain encrypted content, no warrant is required should the NSA, CIA or FBI decide it should be decrypted.

        Certainly cryto slows things down and certainly not everything encrypted will be selected for decryption, but never say never.

        400ppm : what about my daughter's future?

        by koNko on Sat Jul 13, 2013 at 08:10:27 AM PDT

        [ Parent ]

      •  Hey Jaime ... (1+ / 0-)
        Recommended by:
        J M F

        Would you be interested in forming a group about net/OS security here?

        I think we have lots of people interested and some of us have working skills.

        400ppm : what about my daughter's future?

        by koNko on Sat Jul 13, 2013 at 08:58:25 AM PDT

        [ Parent ]

      •  Yes, but the NSA reference suggests it (0+ / 0-)

        The NSA isn't normally penetrating indivdual PCs, though.  They are collecting internet traffic.  

    •  Reminds me of Vax/VMS & TEMPEST (0+ / 0-)

      back in the early 1980's. The creation and maintenance of secure computing facilities.. Quite, a bit of research being done then.. Funny, how little has changed.

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site