As a beginner I'm trying to see what else i can do in my knowledge to secure my installation better.
Mother Board Settings > Admin and Startup Passwords are Enabled, LAN DVD USB Boots etc. Disabled. DDR Memory Data Scrambling ON, IPMI Password Tightened.
Installed Debian 8.2 on my Drive which is on AHCI SATA Port with Legacy Boot. / Full Disk Encryption Including SWAP / Strong Password on Startup.
Seems good enough? My Mother Board Supports TPM, Secure Boot and all those security Bells and whistles.
Is there something else I can do?
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Is full Disk Encryption Really Enough?
Re: Is full Disk Encryption Really Enough?
Not only can, but must. If you're all that worried about it, then you need to design, engineer, and fabricate all your own hardware (including USB devices, NICs, hard drives, etc.).Htop919 wrote:Is there something else I can do?
Re: Is full Disk Encryption Really Enough?
There is never enough but if you put up too many bars you will wind up living in a prison of your own making. The most important part of security is to not put on the Internet anything that you would be unwilling to put up in a bus station washroom. Do not store bank passwords in your browser. Etc.
- GarryRicketson
- Posts: 5644
- Joined: 2015-01-20 22:16
- Location: Durango, Mexico
Re: Is full Disk Encryption Really Enough?
Yep, that is what it boils down to. If you do some searches you will find , for example, the "mother board", and all the other "chips" in your computer, could have backdoors, and
"code" built into them by the manufactures, they probably are watching you right now.
They can de-cypher, de-encrypt everything you encrypt , because they have all ready monitored how you encrypt it. I can not post links or details, because it would then become a "politcal" issue, as well. But some searches will show you nothing is really secure.
Sorry, I hate to make a paranoid person more paranoid, but it is the reality. If you stay offline, do not use any "wireless", and have no kind of wire less or "phone lines" connected to your home, this includes "cable TV" and satellite dishes, you might be sort of secure , but who knows, there may be hidden transmitters in your mother board, or one of the chips in your computer. I just try not to worry about,..don't need to really, I am not doing anything wrong, that is against any laws, I am not a "terrorist", and I don't have anything in my life that needs to be "TOP SECRET",.. in other words, they can watch me all they want, hope they enjoy the show.
"code" built into them by the manufactures, they probably are watching you right now.
They can de-cypher, de-encrypt everything you encrypt , because they have all ready monitored how you encrypt it. I can not post links or details, because it would then become a "politcal" issue, as well. But some searches will show you nothing is really secure.
Sorry, I hate to make a paranoid person more paranoid, but it is the reality. If you stay offline, do not use any "wireless", and have no kind of wire less or "phone lines" connected to your home, this includes "cable TV" and satellite dishes, you might be sort of secure , but who knows, there may be hidden transmitters in your mother board, or one of the chips in your computer. I just try not to worry about,..don't need to really, I am not doing anything wrong, that is against any laws, I am not a "terrorist", and I don't have anything in my life that needs to be "TOP SECRET",.. in other words, they can watch me all they want, hope they enjoy the show.
"What we expect you have already Done"
==========
Old Website
======================
For the Birds
==================
What Does a Parrot Know About PTSD?
==========
Old Website
======================
For the Birds
==================
What Does a Parrot Know About PTSD?
Re: Is full Disk Encryption Really Enough?
Computer security is directly related to intended usage. The spectrum ranges from a non-connected system in a physically secure location that does not handle sensitive data to 24/7 servers handling privileged information. Entire books have been written on the subject. Real books, not blog posts
So you need to review your usage case and then decide how much is enough. Multi-user setups, auto-mounting parititons with sensitive data, hardware backdoors, sloppy password sharing, rampant javascript, precompiled binaries, background daemons and services. There are so many potential holes it can make you crazy.
If you no longer run a Windows OS then you are ahead of the game, but really only you can decide how much is enough. Nobody can properly answer that question for YOU.
So you need to review your usage case and then decide how much is enough. Multi-user setups, auto-mounting parititons with sensitive data, hardware backdoors, sloppy password sharing, rampant javascript, precompiled binaries, background daemons and services. There are so many potential holes it can make you crazy.
If you no longer run a Windows OS then you are ahead of the game, but really only you can decide how much is enough. Nobody can properly answer that question for YOU.
800mhz, 512mb ram, dCore-jessie (Tiny Core with Debian Jessie packages) with BusyBox and Fluxbox.
Most don't have computer access, reuse or pay forward an old computer.
Most don't have computer access, reuse or pay forward an old computer.
- GarryRicketson
- Posts: 5644
- Joined: 2015-01-20 22:16
- Location: Durango, Mexico
Re: Is full Disk Encryption Really Enough?
Not exactly a "book" but much better then a "blog"
https://www.debian.org/doc/manuals/secu ... l#contents
https://www.debian.org/doc/manuals/secu ... 10.en.html
https://www.debian.org/doc/manuals/secu ... l#contents
https://www.debian.org/doc/manuals/secu ... 10.en.html
"What we expect you have already Done"
==========
Old Website
======================
For the Birds
==================
What Does a Parrot Know About PTSD?
==========
Old Website
======================
For the Birds
==================
What Does a Parrot Know About PTSD?
Re: Is full Disk Encryption Really Enough?
Also, stay off of Facebook and Twitter. They make their money by invading your privacy. Apple will sell you out so don't buy any Apple products. Frankly, don't have any phone with a locator in it. Use StartPage, Duck Duck Go or Ixquick for searching; avoid Google as much as possible. Avoid Flash as much as possible. Have some extensions that remove cookies, including Flash cookies. Get the idea?
Watch some of the lectures by Eben Moglen who explains this much better than we will.
Watch some of the lectures by Eben Moglen who explains this much better than we will.