Neologism: Disk Paranoia

Disk paranoia - noun - That occasionally well-founded sense of creeping dread one feels when repartitioning, reformatting, or clearing a USB drive.  The dread stems from the fear that one is not, in fact, doing something terminal to the correct drive and you're actually zorching one of your internal drives (usually the one with all of your data on it).  This leads one to recheck the terminal window once every nine or ten seconds to make sure you're messing with the correct drive.  This may also include opening multiple other terminal windows to display the list of currently mounted devices, cross-checking the …

Read more...

Turtles All the Way Down: Applications

Now our hypothetical trusted and open computing platform needs applications so you can get real work done. Text editors, scripting languages, officeware, and probably a desktop of some kind. To stick with our security practice of keeping systems as spare as possible, I recommend only installing applications and their dependencies as you need them. In the last post I suggested picking a package management system of some kind if one isn't already a core component of the OS that we recompiled and installed. If you get in the habit of building and using packages now you'll save yourself a lot …

Read more...

Turtles All the Way Down: Bootstrapping an operating system.

Now we need an operating system for the trusted, open source computer. As previously mentioned, Windows and MacOSX are out because we can't audit the code, and it is known that weaponized 0-days are stockpiled by some agencies for the purpose of exploitation and remote manipulation of systems, and are also sold on the black and grey markets for varying amounts of money (hundreds to multiple thousands of dollars). It has been observed by experts many a time that software being open source is not a panacea for security. It does, however, mean that the code can be audited for …

Read more...

Setting up encrypted swap.

As computers go these days, it is not unusual for the amount of free RAM to reach a critical level at which no other processes will fit into what little unused memory is left. Modern operating systems will then start swapping pages of memory to disk to make room; the data can be read back in later if necessary. This is a procedure called swapping, and it can take several forms. Windows maintains a large hidden file somewhere on the drive (usually in the root directory of C:) which it uses for this purpose. Linux, UNIX, and UNIX-alikes most often …

Read more...