1

Topic: Few articles on Computer security

I have written the following 2 articles as seen on the link below:

https://designman.org/sagaracharya/blog

I typically write about computer security since I think it's the biggest issue today.

A couple days ago, I've written about a what a way to military grade security would look like. I'd like your opinions on it. You can criticize or appreciate it but don't criticize with biased opinions. Make sure it's the truth.

Thanks.

Today, the forces which make the rich richer and poor poorer have their roots in computer security. Never has it been more important to work towards abolishing the power of the powerful.

Let's use hyperbola or other libre OSes and strive towards stateless hardware (Rutkowska 2015). Let's use PinePhone and shun Android and iPhone which pretend to be secure.

2

Re: Few articles on Computer security

I have added a new article. I have gone away from my standard informative tone and shifted towards sarcastic tone.

https://designman.org/sagaracharya/blog … r_security

Feedback is welcome.

Today, the forces which make the rich richer and poor poorer have their roots in computer security. Never has it been more important to work towards abolishing the power of the powerful.

Let's use hyperbola or other libre OSes and strive towards stateless hardware (Rutkowska 2015). Let's use PinePhone and shun Android and iPhone which pretend to be secure.

3

Re: Few articles on Computer security

sagaracharya wrote:

I have added a new article. I have gone away from my standard informative tone and shifted towards sarcastic tone.

https://designman.org/sagaracharya/blog … r_security

Feedback is welcome.

These are right on target: 
    Small software size.
    Free (as in Freedom) Software
    Open Source Hardware.

This One, I don't know enough to know if its true:

Small compilation toolchain.

But it probably is... tongue


These are also good, albeit sadly the only one I think will be done more often than not, is #1 and even that doesn't happen nearly enough...
#3 also will happen, albeit part of it only...  #2 will probably happen more in the BSD crowd too,

#8, will happen somewhat also,  but in general, these things will rarely happen beyomd that, unless people start getting more intelligent...

But we know corporations hate that and will actively fight against that... but yeah, I agree your points are good, just very unlikely...

1: Choose hardware which supports 100% free software. (Since you cannot trust binary blobs).
2: Choose an OS which has a small kernel and other minimal software that you need. (OpenBSD is the only one I can see here today)
3: Do not trust the developer of that OS. Read the code and verify that there are no bugs.
How do I know that the binary made has no tampering and the code which I read has been compiled.(Now comes the worst part.)

4: Choose a small compiler. It typically should be a C compiler because Oses are written in C. (I know none which is small.)
5: Read the code and verify there are no bugs.
6: Choose a small communication software (preferably written in C as you would have to read code of another compiler if it were written in different language).
7: Read code and verify there are no bugs.
8: Encrypt with a good encryption scheme and send the message not trusting the sender

Although, I mostly try to do the spirit of 1 and 2 as is reasonable, and somewhat of 3 with operating systems that I do not trust.

Same with 8, but I don't think me or other people anywhere do any of these completely...

That being said, perfect security is utterly impossible in this life and in the hardware/software world, it is 100% impossible.

That being said also,  I try to to do as much as I feel I can to resist the corporate nonsense, looking at redhat and the other evil proprietary companies of the world...

wink

That all being said, its a good list, I wish people would at least attempt to push towards one or more, of these, but even that is mega hard.
So, thanks, but its still too early for this. wink

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!

4

Re: Few articles on Computer security

zapper wrote:

These are right on target: 
    Small software size.
    Free (as in Freedom) Software
    Open Source Hardware.

This One, I don't know enough to know if its true:

Small compilation toolchain.

But it probably is... tongue

If you write some code in any language, you have to ensure that the binary you give to the user generated by the compiler comes from the same code which you wrote without any extra possible malware from the compiler designer.

zapper wrote:

These are also good, albeit sadly the only one I think will be done more often than not, is #1 and even that doesn't happen nearly enough...
#3 also will happen, albeit part of it only...  #2 will probably happen more in the BSD crowd too,

#8, will happen somewhat also,  but in general, these things will rarely happen beyomd that, unless people start getting more intelligent...

But we know corporations hate that and will actively fight against that... but yeah, I agree your points are good, just very unlikely...

Although, I mostly try to do the spirit of 1 and 2 as is reasonable, and somewhat of 3 with operating systems that I do not trust.

Same with 8, but I don't think me or other people anywhere do any of these completely...

That being said, perfect security is utterly impossible in this life and in the hardware/software world, it is 100% impossible.

That being said also,  I try to to do as much as I feel I can to resist the corporate nonsense, looking at redhat and the other evil proprietary companies of the world...

wink

That all being said, its a good list, I wish people would at least attempt to push towards one or more, of these, but even that is mega hard.
So, thanks, but its still too early for this. wink

I have pointed to the theoretically most secure point. If we work in this direction, there already are many projects going on shown on suckless.org which have small software, olimex provides free hardware, hyperbola is already the best and moving towards getting even better. It's just that everything hasn't come together.

The biggest problem is that capitalism has a structure that if one can generate problems for others, one can charge money for solving those. Due to freedom points, free software cannot earn much. This prevents them from earning money and ultimately from preventing big companies harming them.

I strongly believe that all the correcting systems should lie within normal systems. Things like, environment saving companies accepting donation separate from environment harming companies earning money OR free software developers earning their living at proprietary software creating companies doesn't work. Earning a living is the most primary thing. If free software cannot support majority software developers, then proprietary software will exist.

It's difficult. But if anyone can do it. It's us.

Today, the forces which make the rich richer and poor poorer have their roots in computer security. Never has it been more important to work towards abolishing the power of the powerful.

Let's use hyperbola or other libre OSes and strive towards stateless hardware (Rutkowska 2015). Let's use PinePhone and shun Android and iPhone which pretend to be secure.

5

Re: Few articles on Computer security

sagaracharya wrote:
zapper wrote:

These are right on target: 
    Small software size.
    Free (as in Freedom) Software
    Open Source Hardware.

This One, I don't know enough to know if its true:

Small compilation toolchain.

But it probably is... tongue

If you write some code in any language, you have to ensure that the binary you give to the user generated by the compiler comes from the same code which you wrote without any extra possible malware from the compiler designer.

zapper wrote:

These are also good, albeit sadly the only one I think will be done more often than not, is #1 and even that doesn't happen nearly enough...
#3 also will happen, albeit part of it only...  #2 will probably happen more in the BSD crowd too,

#8, will happen somewhat also,  but in general, these things will rarely happen beyomd that, unless people start getting more intelligent...

But we know corporations hate that and will actively fight against that... but yeah, I agree your points are good, just very unlikely...

Although, I mostly try to do the spirit of 1 and 2 as is reasonable, and somewhat of 3 with operating systems that I do not trust.

Same with 8, but I don't think me or other people anywhere do any of these completely...

That being said, perfect security is utterly impossible in this life and in the hardware/software world, it is 100% impossible.

That being said also,  I try to to do as much as I feel I can to resist the corporate nonsense, looking at redhat and the other evil proprietary companies of the world...

wink

That all being said, its a good list, I wish people would at least attempt to push towards one or more, of these, but even that is mega hard.
So, thanks, but its still too early for this. wink

I have pointed to the theoretically most secure point. If we work in this direction, there already are many projects going on shown on suckless.org which have small software, olimex provides free hardware, hyperbola is already the best and moving towards getting even better. It's just that everything hasn't come together.

The biggest problem is that capitalism has a structure that if one can generate problems for others, one can charge money for solving those. Due to freedom points, free software cannot earn much. This prevents them from earning money and ultimately from preventing big companies harming them.

I strongly believe that all the correcting systems should lie within normal systems. Things like, environment saving companies accepting donation separate from environment harming companies earning money OR free software developers earning their living at proprietary software creating companies doesn't work. Earning a living is the most primary thing. If free software cannot support majority software developers, then proprietary software will exist.

It's difficult. But if anyone can do it. It's us.

Hadn't thought of suckless.org, but yeah, its very rare even still for people to think that way...

But you give me some hope, regarding this.  Appreciated.

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!