Re: Security?
On Tue, 2013-09-10 at 17:13 +0530, Kailash wrote:
> On Tuesday 10 September 2013 12:27 PM, Ralf Mardorf wrote:
> > On Mon, 2013-09-09 at 20:20 +0200, Ralf Mardorf wrote:
> >> Obama is as evil as a human being can be, it's impossible to be more
> >> evil. He is in one league with [...] idiots.
> >
> > Nobody was hooked :), that's good, because it's nonsense, resp. a
> > provocation. But indeed, people died because of the politic, so IMO
> > stealing data is less an issue, than other issues we've got on our
> > planet. I wonder that nobody writes endless mails about starvation and
> > wars and when there is the comparison between the USA and China, keep in
> > mind that there is more serious wrongness in China, than in the USA.
> >
> > We can't protect ourself against living in a country were hunger is an
> > issue, we can't protect ourself against wars, but we can protect ourself
> > against data robbery, by not providing important data by the Internet.
> >
> >
> >
>
> So,
>
> http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
>
> We have some software solutions. Could a system be also compromised when
> using a generic hardware layer? And if so, what options exist?
>
> Any pointers would be appreciated.
>
> Sincerely,
> Kailash
Those hints sound very good. FWIW on the Wanderlust mailing list
somebody asked "[...] A drawback is that encrypted mails are stored,
well, encrypted. [...] What about storing the mail in clear text and add
an additional header indicating that this mail was sent encrypted?" My
comment to this was "Regarding to security mails that were sent
encrypted, should also be stored encrypted. [...] it would be ok to
sent mails encrypted, but then to store them decrypted, but for good
reasons this shouldn't be a default for any MUA. [...]"
If people would use the available security with thinking why some things
are done as hey are done, they are IMO relatively safe, but most users
act idiotic.
I don't have knowledge about security, but just horse-sense. My
passwords can be found in dictionaries, perhaps not in an English
dictionary, but perhaps Klingon or similar. However, there is absolutely
no secret data on my machine.
IMO building your own computer could add additional security, OTOH it's
unlikely that anybody of us can build microchips at home, so we at least
need to build a computer by using common technology. If you have the
know-how and technology to build your own microchips, than you for sure
are an interesting target for the NSA.
IMO most of us don't have data that is from interest. Most computer
users give away private data by their own choice, Twitter, Facebook,
mailing lists. It's like writing you credit card's password on a
postcard or on the credit card.
How did we exchange Information, before we used the Internet? We wrote
some messages by postcards, we wrote other messages by letter and some
messages were sent by safety enterprises. Using the computer is like
writing a postcard and at best like writing a letter, covered by a
light-tight envelope, written in a secret code, but there is no way to
do it that safe as done by safety enterprises, assumed the people
working for the safety enterprises are good friends and heavily armed
superheros.
How did we store data before we used computers? Some were stored on the
kitchen table, others were stored a drawer, or in a secret drawer
or ... ;).
The computer seemingly is the kitchen table ;) and not a secret drawer.
Since we know this, we could take care about it.
In the link you posted Schneier mentions that he encrypts data on a new
computer that never was connected to the Internet!
Reply to: