1

Topic: Few articles on Computer security

I have written the following 2 articles as seen on the link below:

https://designman.org/sagaracharya/blog

I typically write about computer security since I think it's the biggest issue today.

A couple days ago, I've written about a what a way to military grade security would look like. I'd like your opinions on it. You can criticize or appreciate it but don't criticize with biased opinions. Make sure it's the truth.

Thanks.

2

Re: Few articles on Computer security

I have added a new article. I have gone away from my standard informative tone and shifted towards sarcastic tone.

https://designman.org/sagaracharya/blog … r_security

Feedback is welcome.

3

Re: Few articles on Computer security

sagaracharya wrote:

I have added a new article. I have gone away from my standard informative tone and shifted towards sarcastic tone.

https://designman.org/sagaracharya/blog … r_security

Feedback is welcome.

These are right on target: 
    Small software size.
    Free (as in Freedom) Software
    Open Source Hardware.

This One, I don't know enough to know if its true:

Small compilation toolchain.

But it probably is... tongue


These are also good, albeit sadly the only one I think will be done more often than not, is #1 and even that doesn't happen nearly enough...
#3 also will happen, albeit part of it only...  #2 will probably happen more in the BSD crowd too,

#8, will happen somewhat also,  but in general, these things will rarely happen beyomd that, unless people start getting more intelligent...

But we know corporations hate that and will actively fight against that... but yeah, I agree your points are good, just very unlikely...

1: Choose hardware which supports 100% free software. (Since you cannot trust binary blobs).
2: Choose an OS which has a small kernel and other minimal software that you need. (OpenBSD is the only one I can see here today)
3: Do not trust the developer of that OS. Read the code and verify that there are no bugs.
How do I know that the binary made has no tampering and the code which I read has been compiled.(Now comes the worst part.)

4: Choose a small compiler. It typically should be a C compiler because Oses are written in C. (I know none which is small.)
5: Read the code and verify there are no bugs.
6: Choose a small communication software (preferably written in C as you would have to read code of another compiler if it were written in different language).
7: Read code and verify there are no bugs.
8: Encrypt with a good encryption scheme and send the message not trusting the sender

Although, I mostly try to do the spirit of 1 and 2 as is reasonable, and somewhat of 3 with operating systems that I do not trust.

Same with 8, but I don't think me or other people anywhere do any of these completely...

That being said, perfect security is utterly impossible in this life and in the hardware/software world, it is 100% impossible.

That being said also,  I try to to do as much as I feel I can to resist the corporate nonsense, looking at redhat and the other evil proprietary companies of the world...

wink

That all being said, its a good list, I wish people would at least attempt to push towards one or more, of these, but even that is mega hard.
So, thanks, but its still too early for this. wink

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!

4

Re: Few articles on Computer security

zapper wrote:

These are right on target: 
    Small software size.
    Free (as in Freedom) Software
    Open Source Hardware.

This One, I don't know enough to know if its true:

Small compilation toolchain.

But it probably is... tongue

If you write some code in any language, you have to ensure that the binary you give to the user generated by the compiler comes from the same code which you wrote without any extra possible malware from the compiler designer.

zapper wrote:

These are also good, albeit sadly the only one I think will be done more often than not, is #1 and even that doesn't happen nearly enough...
#3 also will happen, albeit part of it only...  #2 will probably happen more in the BSD crowd too,

#8, will happen somewhat also,  but in general, these things will rarely happen beyomd that, unless people start getting more intelligent...

But we know corporations hate that and will actively fight against that... but yeah, I agree your points are good, just very unlikely...

Although, I mostly try to do the spirit of 1 and 2 as is reasonable, and somewhat of 3 with operating systems that I do not trust.

Same with 8, but I don't think me or other people anywhere do any of these completely...

That being said, perfect security is utterly impossible in this life and in the hardware/software world, it is 100% impossible.

That being said also,  I try to to do as much as I feel I can to resist the corporate nonsense, looking at redhat and the other evil proprietary companies of the world...

wink

That all being said, its a good list, I wish people would at least attempt to push towards one or more, of these, but even that is mega hard.
So, thanks, but its still too early for this. wink

I have pointed to the theoretically most secure point. If we work in this direction, there already are many projects going on shown on suckless.org which have small software, olimex provides free hardware, hyperbola is already the best and moving towards getting even better. It's just that everything hasn't come together.

The biggest problem is that capitalism has a structure that if one can generate problems for others, one can charge money for solving those. Due to freedom points, free software cannot earn much. This prevents them from earning money and ultimately from preventing big companies harming them.

I strongly believe that all the correcting systems should lie within normal systems. Things like, environment saving companies accepting donation separate from environment harming companies earning money OR free software developers earning their living at proprietary software creating companies doesn't work. Earning a living is the most primary thing. If free software cannot support majority software developers, then proprietary software will exist.

It's difficult. But if anyone can do it. It's us.

5

Re: Few articles on Computer security

sagaracharya wrote:
zapper wrote:

These are right on target: 
    Small software size.
    Free (as in Freedom) Software
    Open Source Hardware.

This One, I don't know enough to know if its true:

Small compilation toolchain.

But it probably is... tongue

If you write some code in any language, you have to ensure that the binary you give to the user generated by the compiler comes from the same code which you wrote without any extra possible malware from the compiler designer.

zapper wrote:

These are also good, albeit sadly the only one I think will be done more often than not, is #1 and even that doesn't happen nearly enough...
#3 also will happen, albeit part of it only...  #2 will probably happen more in the BSD crowd too,

#8, will happen somewhat also,  but in general, these things will rarely happen beyomd that, unless people start getting more intelligent...

But we know corporations hate that and will actively fight against that... but yeah, I agree your points are good, just very unlikely...

Although, I mostly try to do the spirit of 1 and 2 as is reasonable, and somewhat of 3 with operating systems that I do not trust.

Same with 8, but I don't think me or other people anywhere do any of these completely...

That being said, perfect security is utterly impossible in this life and in the hardware/software world, it is 100% impossible.

That being said also,  I try to to do as much as I feel I can to resist the corporate nonsense, looking at redhat and the other evil proprietary companies of the world...

wink

That all being said, its a good list, I wish people would at least attempt to push towards one or more, of these, but even that is mega hard.
So, thanks, but its still too early for this. wink

I have pointed to the theoretically most secure point. If we work in this direction, there already are many projects going on shown on suckless.org which have small software, olimex provides free hardware, hyperbola is already the best and moving towards getting even better. It's just that everything hasn't come together.

The biggest problem is that capitalism has a structure that if one can generate problems for others, one can charge money for solving those. Due to freedom points, free software cannot earn much. This prevents them from earning money and ultimately from preventing big companies harming them.

I strongly believe that all the correcting systems should lie within normal systems. Things like, environment saving companies accepting donation separate from environment harming companies earning money OR free software developers earning their living at proprietary software creating companies doesn't work. Earning a living is the most primary thing. If free software cannot support majority software developers, then proprietary software will exist.

It's difficult. But if anyone can do it. It's us.

Hadn't thought of suckless.org, but yeah, its very rare even still for people to think that way...

But you give me some hope, regarding this.  Appreciated.

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!

6

Re: Few articles on Computer security

I have written a new article on ethics. Let me know your views on this, especially throgh.

https://designman.org/sagaracharya/blog/ethics

7

Re: Few articles on Computer security

Well I have read the article, but that part to discuss won't fit here in the forum. It would not even fit into hours of any kind of discussion as uncountable individuals have made the attempt to define what life and ethics could be like. Our social interaction is way too complex being defined in just one deterministic way and perspective. Therefore the thread "Being believable" for example is just about concrete thoughts and concurrent situations. Of course readers have different perspectives onto that everytime, so I won't be able to define just one "correct way".

In the end I can only note that it helps to get more emancipated and oriented for the global community onto that. Emancipation, solidarity and empathy are of highest value for us as social beings! And to "survive" won't be possible alone without them. So I try to give out thoughts clearly oriented onto those values. smile

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

8

Re: Few articles on Computer security

Well, a very important statement in my article is "Systems which have the survival characteristics survive."

Diverging from the article, this is the issue I find with free software. It doesn't have any survival characteristic. In times of capitalism, it needs to atleast earn a bare minimum amount to survive. On the other hand, proprietary software creators earn a shit load of money!

In fact, I'm making an application for pinephone for payment, named gnupi . I need help of a bank who in turn is gonna charge a pretty big amount to me to get access to the payment interface? Making gnupi free software is just not possible because I won't earn anything and would quickly have to file for bankruptcy while the bank charges would remain.

I find Joanna's principle of distrusting such software very important. Distrust the binary yet run and get the work done!

Going back to article, you are able to make your own decisions more or less. You wouldn't be able to do that if Germany was not free, or any of smaller systems like states within Germany weren't free. That's the crucial one of my points in ethics taken from an Indian great Shivaji who coined the term or made it famous, Swarajya which literally means "to rule oneself". The way I define it is slightly different from Shivaji's way of Swarajya.

9

Re: Few articles on Computer security

Well, free software has a system for sure. But it is based on altruism, so a good value made completely useless in capitalism. You don't earn money? So it is defined as "useless". You can see that in the early propaganda made by Microsoft for example. In fact altruism can work on a common ground and sense, even now. But then again: With having imbalances in projects and only a few people being engaged, even the altruistic perspective is more or less on the loosing grounds.

The point about of "rule oneself" has a bitter aftertaste, because more or less it won't stay only by yourself. That's not how we humans think and work. So both points (capitalism and self-ruling) are in to be seen in combination as you cannot be single-sided independent from the ground-basic system itself. And capitalism always tends to be as big as possible. The rest will be then a gruesome tale for the future: Either free, libre software is dying slowly because altruism and a common sense for solidarity and empathy is dying also. Or it will be the opposite and a dominant "free software" will be the same model we have now, even worse possible. The reasoning is easy: Why should software be "free" then? Just a little amount of money then and the source-code stays open for building. Okay, a little bit more amount with the newer version and the code only for registered members. Okay, more amount of money and no code. hmm Just an example on how thoughts could be. And even permissive licensing can be changed. You can see that in many projects going more and more into the reasoning of "open-source", which is "some-way" open but not complete.

My point is: You can be free, you can be individual. But there is a "we" in every "you" or "me". Individualism is within collectivism and collectivism is within individualism. That would be some way forward, because otherwise everybody (individuals or groups) is trying to "rule", but for the cost of others getting problems sooner or later. That's how "ruling" works! And free software lives on with participation and sharing. When people think free, libre software has only to be like they want it, the concept will sooner or later become a problem, because of "ruling". We can see that already with many Linux-only frameworks. And we can see it within the indifference of many participants in the soft- and hardware generic: Seems many have a problem to stay clearly for dignity and empathy, so better to "rule". And they do, otherwise we would have not been here into that discussion and there would have been also no need for Hyperbola to remove so much parts from many applications and libraries.

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

10

Re: Few articles on Computer security

I have written an article on Choosing a problem to allocate our time to in this world.

As devs at Hyperbola, I strongly believe that we're changing the world for better. However, you might have met intelligent people who merely love solving problems and possibly make the world worse wrt their own principles. I think this article is for them, capable people who work against their own principles.

https://designman.org/sagaracharya/blog

As usual, feedback is welcome!