
Comment Re:Just another reminder to use LibreSSL (Score 1) 64

That is not such a big difference, considering most installations are still using OpenSSL (more eyes...).

LibreSSL is still valued for their efforts, but they and most of the IT community waited until a major crisis occurred before taking action. Now that OpenSSL has been in the spotlight and finally received decent funding to do their own reviews and cleanup, I'm not sure where that leaves LibreSSL.

Comment Re:We desperately need unflashable firmwares (Score 1) 120

What's infuriating is that USB drives used to come with hardware write switches and now you can't find them anywhere. And motherboards used to require you to move a jumper to flash the BIOS, but those are gone too. I don't know if it was cost cutting or a case of user stupidity or both, but the hardware write switch has faded into history. I'm fine with them being in a default-write setup as long as they had the option to cut it off.

A third possibility is that the NSA and their friends abroad might have pressured the manufacturers to remove these security features. The pressure might have been subtle, like pointing out "good" places for cost savings.

As someone else mentioned, Kanguru has write protect (and I think a few others -- I have some drives by Imation and RiData that have the switch). But that doesn't necessarily protect you from something like badUSB, which can infect drive firmware.

Kanguru states their drive firmwares are protected with digital signatures. However, that means the firmwares are writeable under certain conditions, and we now know that certain organizations make it their job to steal the private keys of security vendors (you can bet the practice is not limited to SIM cards). In that case, you may be better off with a 'plain' thumb drive that has a non-changeable firmware especially if it has a write-protect switch.

What really, really sucks is that virtually no manufacturers are stepping up to the plate with better hardware designs that can mitigate the problem... and even the OPAL2 spec appears to state that firmware protection is optional. Merely putting write-protect jumpers on the firmware storage chips would prevent most attacks (the remote ones).

An exception to the lack of manufacturer concern may be the new Purism brand that just launched their Librem 15 OSS-friendly laptop. They are interested in putting at least a jumper on the motherboard that can block BIOS changes. They also promise to release an edition of the Librem that allows the user to cut power to wireless, mic and camera.

Another mitigation is Qubes OS, which has an architecture that greatly ups the bar for security and it can detect tampering in the BIOS, kernel, hypervisor, etc.

Comment Mitigations (Score 2) 120

Qubes OS will detect this type of attack, and in most cases prevent it. It can also protect you against badUSB if you create a USBVM to handle the USB controllers.

Detection comes via the Anti-Evil Maid package, which uses a TPM to measure the system firmware, bootloader, kernel and hypervisor. It optionally can create a USB thumbdrive for booting Qubes in AEM mode. (AEM should *always* detect a compromised base system, but using a thumbdrive can help prevent an attack from succeeding in an 'Evil Maid' scenario.)

Qubes uses Xen, a type 1 bare-metal hypervisor with a minuscule attack surface, and uses that as a chokepoint to regulate ALL system activity (including network and graphics) in a way other OSes do not. Graphics is one of the weaknesses in VM host security that enables 'VM Breakout' escalation attacks. In using VMs for all sensitive functions, remote attacks are highly unlikely to escalate and take over the core system or firmware.
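The TPM measurement that the comment above describes can be modelled in a few lines. This is an added example, not part of the original comment and not Qubes or Anti-Evil Maid code: it simulates a single SHA-256 PCR in software, and the component names, the secret phrase and the `boot` helper are constructed for illustration (a real TPM performs the extend and the sealing in hardware).

```python
import hashlib
import hmac

PCR_INIT = bytes(32)  # a SHA-256 PCR holds all zeros after platform reset


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_chain(components) -> bytes:
    """Fold an ordered boot chain into one PCR value.

    A PCR can only be extended, never set, so the final value commits to
    every component and to the order in which they were measured.
    """
    pcr = PCR_INIT
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


def unseal(sealed_pcr: bytes, secret: str, components):
    """Simplified sealing model: release the secret only on a PCR match."""
    current = measure_chain(components)
    return secret if hmac.compare_digest(current, sealed_pcr) else None


# Constructed stand-ins for the measured images (hypothetical contents).
GOOD_CHAIN = [b"firmware-v1", b"bootloader-v1", b"xen-v1", b"dom0-kernel-v1"]
SECRET = "phrase only the owner knows"  # shown to the user on a clean boot
SEALED = measure_chain(GOOD_CHAIN)      # recorded once, on a trusted boot


def boot(components):
    """Return the secret on an unmodified chain, None if anything changed."""
    return unseal(SEALED, SECRET, components)


if __name__ == "__main__":
    print("clean boot    :", boot(GOOD_CHAIN))
    tampered = [b"firmware-v1-implant"] + GOOD_CHAIN[1:]
    print("tampered boot :", boot(tampered))
```

The user's check is the absence of the expected secret: a changed firmware, bootloader, hypervisor or kernel image produces a different PCR value, so the phrase is never released.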

Comment Re:Yet another Ted Cruz bashing article ! (Score 1) 416

I won't say there is nothing irrational about the marketing of organic food. But organic farming does largely achieve its primary goals: Keeping the soil healthy and lowering pesticide exposure.

As for vegans, they are simply against animal exploitation and cruelty. It's not a scientific issue.

The way that conservatives attempt to pick at the 'irrationality' of others is instructional here. It's really a defense of large, exploitive industries with monopolistic tendencies. OTOH, the manner in which conservatives escape abusive industries is to form communities like the Amish or Christian Scientists, which IMO are worse than the problem.

United Kingdom

Scotland Yard Chief: Put CCTV In Every Home To Help Solve Crimes 282

schwit1 writes Homeowners should consider fitting CCTV to trap burglars, the country's most senior police officer declared yesterday. Sir Bernard Hogan-Howe said police forces needed more crime scene footage to match against their 12 million images of suspects and offenders. And he called on families and businesses to install cameras at eye level – to exploit advances in facial recognition technology.

Comment Re:TFS is correct (Score 1) 130

It's already implemented.
The powers that be have chosen "No one is cyber-secure" for you.

Granted, nothing is perfect. But I'd like to see any demonstration of hacking a system like this.

Or, rather, I'd like to see them try.

Real network security is defined by the quality of its endpoints. And to have secure endpoints we need a personal computing culture that values openness as the first step to better security.

Comment Re:But can it protect users against the Stingray? (Score 1) 59

Oh and by the way, want to know if their hacking attempts were successful or not? That's easy to determine now.

Is any Blackphone service still legal to use?

You now have your answer.

Enjoy the illusion of privacy.

Now there is an example of actual paranoia: The black and white thinking, the raising of a perceived enemy to super-human abilities.

The world is in a CRISIS over privacy right now, and there is still much to this issue that is up in the air.

Do I think the US government is capable of *trying* to censor crypto? Yes, eventually it may happen. But only if/when housing and food become much more expensive... Then you would see the (small) difference between the US government and third world dictatorships disappear and we wouldn't be having these kinds of conversations.

Comment Re:Some Real Advice (Score 1) 89

Indeed, all code has bugs. It's a question of who/what is using the least amount of code necessary to provide a security mechanism. That's what reducing the attack surface is really about.

From a security standpoint, Qubes would by definition have very few-to-no additional bugs above what exist in Xen. OTOH, as I have implied, a Linux or Windows kernel + supporting libraries and also the firmware for USB controllers and NICs are immense compared to Xen plus a couple Qubes drivers (there is more to Qubes code, but only a small bit is critical to security).

I'm just pointing out that air-gapping does rely on the good behavior of an awful lot of code at its security perimeters. And it is TWO or more perimeters, not one, because you are putting some faith in the networked machine(s) being well-behaved as well.

Even so, the untrusted networked system could take a chance that you have automounting enabled or that you will inadvertently do something to mount a volume... it could write a malformed filesystem to the disc anyway.

User error could happen with any system. You're really stretching here.

And why should a user be burdened with a detail like controlling automount behavior? It's exactly the kind of thing you see in the papers when people are hacked. And it raises the question of how much of a tireless control freak you have to be to make a security schema work.

It's much safer to have a core domain that simply doesn't mount any extra volumes and is cut off from the network. One can quickly dispatch a disposable vm to look at the contents of a drive or copy something.

Once an air-gapped system is compromised, it can alter the hard drive firmware to store passwords and keys in a format/cipher readable by the attacker who can later break-in to the premises and steal/confiscate the computer. In a Qubes non-networked vm, there is no out-of-band way to communicate or store info, and a compromised vm wouldn't have access to the disc encryption password in any case.

Where did I ever say any of these computers had hard discs?

LOL! OK you 'win' that one. Let's do without mass storage...

What you described #s 1-5 sounds much more complicated than using email in Qubes. And presumably this covers only email for one type of role (work, personal, etc); Covering all the roles means using many additional computers and burning many discs, and each role needs its own disc encryption passphrase.

This whole notion you have that "the operating system is insecure so let's put another layer on top of it" is just silly. If you make Xen your operating system, then Xen is your operating system.

As I pointed out, Xen is tiny. It's not being layered on top of anything.

Hypervisors vary in their security focus; Most are designed to re-purpose a CPU security mechanism as a way to conveniently maximize hardware usage or run alternative OSes. They don't care much about security, especially on the desktop where they focus on convenience alone. They expose graphics, audio, clipboard, etc. in ways that practically define the category of vm-breakout exploits.

Xen cares very much about security on the server, and Qubes adds what is necessary to extend that to the desktop by properly virtualizing the graphics subsystem along with everything else, for example.

True security comes from simplicity, not complexity.

I agree -- However, functionality comes from complexity. So the solution becomes using simple security mechanisms to manage the de-privileged complexity.

It has been fun arguing over two different isolation mechanisms. Air-gapping is not often discussed in detail, and it would be nice to see sites like /. carry more posts about all of the above.

Comment The biggest lies are immersed in true facts (Score 1) 375

The mass media (aka 'infotainment complex') is a prime example that if you tell the facts all day about fires, robberies, weather, and (selectively) arrests... then you gain a certain credibility to use in starting a war, or to keep suggesting that everyone on the street is just a temporarily embarrassed billionaire (if only the government would stop this regulation stuff).

It's possible Google's new ranking idea could be a benefit to humanity IF they make the logic and the rankings transparent. That would at least allow the raters to be rated by watchdogs.
