Re: [liberationtech] Chromebooks for Risky Situations?
On 02/12/2013 12:46 AM, Rich Kulawiec wrote: > On Mon, Feb 11, 2013 at 05:54:19PM +0100, Andreas Bader wrote: >> Don't you think that e.g. DSL (Damn Small Linux) has less code than Android? > I don't know. While I'm somewhat familiar with DSL, I don't use > Android and know very little about it. I just did a little searching > and see various figures cited for both, but nothing that seems to > be recent/comprehensive/accurate. > > I suspect that my reaction to both, though, would be "too many". ;-) DSL has a size of 50 MB, Puppy is also small. Chrome OS seems to be much bigger (maybe Jake can tell us details). I think that if you compile your own small kernel and kick out all the needless stuff you can create a much smaller (and more secure?) kernel. > >> I mean you can't simplify that by saying "This System is the most >> secure" if you mean "this system is the smallest.". > You're right. We can't. But if we accept as a starting premise > that to a first approximation "the number of security holes" is > roughly proportional to "the size of the system" -- and that usually > seems to be true -- then smaller is probably better. So why not create a own OS that is really small because of its security? Chrome OS is small because it's cheap. If you were right then Android was the most secure system. Aren't there any Android viruses? RedHat seems to have less security holes than Chrome OS. > >> I think you have to achieve a good compromise between security and >> simplicity. > I don't think so: I think the best way to achieve security IS simplicity. > > That's why, for example, I suggest having *no* update mechanism other > than a complete reinstall of everything -- or more likely, a 1-for-1 swap > of the readonly device holding the OS. If there is no update mechanism, > then it can't be broken. It can't be used to feed in malware. It can't > be used to figure out who's running the OS. It doesn't exist, so all > of the possible things that could go wrong with it don't exist either. > I contend that this is simpler than trying to build one and then solve > all the problems that its existence creates. Chrome OS is not an OS optimized for security. An OS optimized for security is an own OS. What if users want to use stuff like FDE, PGP, different certificates, all the software you use for secure information and communication. They depend on Google. They have to release it and allow you to use it on their OS. And we have to respect that, because it is a requirement for their working security. Andreas -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Chromebooks for Risky Situations?
On Tue, Feb 12, 2013 at 10:01 AM, Andreas Bader wrote: > So why not create a own OS that is really small because of its security? http://dee.su/liberte-build -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Chromebooks for Risky Situations?
On 02/12/2013 01:42 PM, Maxim Kammerer wrote: > On Tue, Feb 12, 2013 at 10:01 AM, Andreas Bader > wrote: >> So why not create a own OS that is really small because of its security? > http://dee.su/liberte-build > Thanks, something like that would be a good alternative to ChromeOS for activists. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Chromebooks for Risky Situations?
A good alternative for what use cases? The problem I find with flat statements such as "something like that would be a good alternative to ChromeOS for activists" is that it fails to address what uses its providing a good alternative for. IE you fail to demonstrate the threat model based on real use cases. Which is not to say you are wrong, I simply want to ask for clarification as to your intended meaning. eg: Would it be a good alternative for activists already using Google Apps (as Nathan at the beginning of this thread suggested Chromebooks might be?)? Would it be a good alternative for media activists who need to be able to edit video and photo content of actions or documentation of human rights violations? Would it be a good alternative for activists who intend to disseminate updates, reports, and propaganda via Facebook and other social networks? I certainly have no idea. These are serious questions, not intended to be sarcastic or confrontational. I'd really like to know for what real-world uses its deemed this or any other "super small OS" would be good solutions for activists. Certainly for hacktivists, hackers, and users only engaged in online communications I'm sure these are great solutions, but I hope you can detail more how a DSL or Liberte Linux provide good solutions to the multifaceted needs/use cases of activists. best Brian On Tue, Feb 12, 2013 at 5:05 AM, Andreas Bader wrote: > On 02/12/2013 01:42 PM, Maxim Kammerer wrote: > > On Tue, Feb 12, 2013 at 10:01 AM, Andreas Bader > wrote: > >> So why not create a own OS that is really small because of its security? > > http://dee.su/liberte-build > > > Thanks, something like that would be a good alternative to ChromeOS for > activists. > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > -- Brian Conley Director, Small World News http://smallworldnews.tv m: 646.285.2046 Skype: brianjoelconley -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Chromebooks for Risky Situations?
On 02/12/2013 06:41 PM, Brian Conley wrote: > A good alternative for what use cases? > > The problem I find with flat statements such as "something like that > would be a good alternative to ChromeOS for activists" is that it > fails to address what uses its providing a good alternative for. IE > you fail to demonstrate the threat model based on real use cases. > Which is not to say you are wrong, I simply want to ask for > clarification as to your intended meaning. eg: > > Would it be a good alternative for activists already using Google Apps > (as Nathan at the beginning of this thread suggested Chromebooks might > be?)? Yes, you can use all Google Apps in the Chrome Browser. And I think that there are not many activists that use only Google Apps for communication and information. > > Would it be a good alternative for media activists who need to be able > to edit video and photo content of actions or documentation of human > rights violations? I am sure that I can edit photo and video better on my Ubuntu Workstation than on a Chromebook. > > Would it be a good alternative for activists who intend to disseminate > updates, reports, and propaganda via Facebook and other social networks? In that case chromebooks would be possible, but only if you work only online. And the telecommunication infrastructure is not everywhere that great like in Europe and USA. > > I certainly have no idea. These are serious questions, not intended to > be sarcastic or confrontational. > > I'd really like to know for what real-world uses its deemed this or > any other "super small OS" would be good solutions for activists. > Certainly for hacktivists, hackers, and users only engaged in online > communications I'm sure these are great solutions, but I hope you can > detail more how a DSL or Liberte Linux provide good solutions to the > multifaceted needs/use cases of activists. If you want ONE solution for all these cases I'd prefer something like Ubuntu, Debian or Open Suse. They have the best (free) support for users and are pretty stable. Also they are pretty good configurable and expandable (Design- and Videoediting-Software, easy TOR usage, different Browsers etc.). I don't think that lots of those people want to use a Terminal OS with Lynx to Browse, but I am sure that they also want no "Toy Touch OS" with quick access to the newest Angry Birds game. Those systems are facebook and twitter machines, optimized for modern socializing. But not really secure. Andreas -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] OpenITP Grants
Just a reminder: *OpenITP First Round of 2013 Project Funding is Now Open for Proposals* Grants are meant to support specific technical efforts to improve users' ability to circumvent censorship and surveillance on the Internet. "Technical" doesn't have to mean software or hardware... http://openitp.org/?q=openitp_first_round_of_2013_project_funding_now_open_for_proposals *Circumvention Tech Summit Grants are Due February 27, 2013 * OpenITP is hosting the Circumvention Tech Summit in Hong Kong on April 26-28 Grants are available. To apply, please RSVP with wesley [at] openitp [dot] org and requests the application form, which is due by Feb 27. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] A question from a journalist regarding Zimbabwe
I received this message from a colleague; they've given me permission to ask on open forums, provided I maintain their anonymity. I can field questions about their project, although I think the threat model here is targetted traffic surveillance by existing centralised security services, and the expected countermeasures will be using encrypted services and the usual security tools. I'm currently working with community media in Zimbabwe, on content that may prove to be controversial. I wonder whether you might point me in the direction of information on the level of threat posed by internet/ mobile monitoring, surveilance, etc. Is there any detailed information on the capabilities of the Zimbabwean state? d. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
