Slashdot Mirror

← Back to Stories (view on slashdot.org)

Will ParanoidLinux Protect the Truly Paranoid?

Posted by kdawson on from the tinfoil-laptop-carrying-case dept.

ruphus13 writes "There are still places on the world where having anonymity might mean the difference between life and death. Covering one's tracks is considered to be of such paramount importance that we are now witnessing the rise of a Linux distro catering to the most paranoid. The 'alpha-alpha' version of ParanoidLinux is now out. But is this the best way to protect oneself? Couldn't it be easily circumvented? The article asks, 'Why is it necessary to put the applications and services designed to protect anonymity, to encrypt files, to make the user nameless and faceless, all together, in one distribution? Let's think in a truly paranoid manner. Wouldn't it be far easier for a nefarious government organization to target that distribution's repositories, mirror that singular distribution's disk images with files of its own design, and leave every last one of that distribution's users in the great wide open?' What should truly paranoid user do?"

8 of 236 comments (clear)

  1. Borrow wifi - get someone to type for you by presidenteloco · · Score: 4, Interesting

    1. Always borrow random open wifi access points,
    in a geographic pattern not centered around your habitual location
    2. Get a new unknowing assistant to type in roughly what you want to say each time. There are pattern detectors for your ways of expressing things.
    3. Establish online identities such as gmail that have no tie whatsoever to any of your identity info or financial info

    --

    Where are we going and why are we in a handbasket?
  2. Just not in a public place. by RockoTDF · · Score: 3, Interesting

    The truly paranoid user should get use a liveCD with a mac address scrambler off of a wireless connection that does not belong to them.

    --
    There is more to science than physics!

    www.iomalfunction.blogspot.com
  3. Re:True open source question by cdfh · · Score: 4, Interesting

    Ken Thompson talks about using untrusted compilers in his lecture, "Reflections on Trusting Trust".

    (See also: this)

  4. Sorry, Ken Thompson (brain fart...) by Giant+Electronic+Bra · · Score: 2, Interesting

    "It is also possible to create a backdoor without modifying the source code of a program, or even modifying it after compilation. This can be done by rewriting the compiler so that it recognizes code during compilation that triggers inclusion of a backdoor in the compiled output. When the compromised compiler finds such code, it compiles it as normal, but also inserts a backdoor (perhaps a password recognition routine). So, when the user provides that input, he gains access to some (likely undocumented) aspect of program operation. This attack was first outlined by Ken Thompson in his famous paper Reflections on Trusting Trust."

    http://en.wikipedia.org/wiki/Backdoor_(computing)

    --
    "Malo periculosam, libertatem quam quietam servitutem." -- Jefferson
  5. Re:well by NFN_NLN · · Score: 5, Interesting

    What should truly paranoid user do?

    get help?

    get BSD?

    Seriously, there is already an OS aimed at security... OpenBSD:

    "Our efforts emphasize portability, standardization, correctness, proactive security and integrated cryptography."

    "Audit Process:

    Our security auditing team typically has between six and twelve members who continue to search for and fix new security holes. We have been auditing since the summer of 1996. The process we follow to increase security is simply a comprehensive file-by-file analysis of every critical software component. We are not so much looking for security holes, as we are looking for basic software bugs, and if years later someone discovers the problem used to be a security issue, and we fixed it because it was just a bug, well, all the better. Flaws have been found in just about every area of the system. Entire new classes of security problems have been found during our audit, and often source code which had been audited earlier needs re-auditing with these new flaws in mind. Code often gets audited multiple times, and by multiple people with different auditing skills."

  6. A paranoid user should use this by xant · · Score: 3, Interesting

    I think a lot of people misunderstand the concept of "single point of failure". With all of this stuff in one place, yes, there's only one place that attackers need to attack. But there's also only one place that defenders need to defend. The alternative is that all these security programs remain scattered in lots of places on the Internet. True, attackers probably won't be able to subvert more than a couple of those, but it only takes one flaw in your security for them to get you. If you subverted GPG, it doesn't matter much that TrueCrypt is still working for you. If someone subverted SSL, or DNS, and it doesn't matter much that the Linux Kernel is still secure. Best to get everything from one place, and make sure that one place is really, REALLY damn secure.

    --
    It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
  7. Chuck Moore has done this... by EmbeddedJanitor · · Score: 3, Interesting
    http://en.wikipedia.org/wiki/Charles_H._Moore designed his own language (Forth), an OS, chip design software and designed his own CPUs.

    I'd say he's well on his way to achieving this.

    --
    Engineering is the art of compromise.
  8. For anonymity as well as security by Beryllium+Sphere(tm) · · Score: 2, Interesting

    Someone could resurrect the Anonym.os project, an OpenBSD live CD with anonymity tools.