Well world,
As modern operating systems become even more invasive in terms of monitoring and tracking user habits, I have decided to switch full time to Linux as my primary OS. I say primary OS because I still need to be able to boot into Windows on the rare occasion for work. However I should be able to accomplish 95% or more of what I need to get done in Linux.
So as the title say's: Adventures in Securing Linux, you're probably wondering a few things. First and foremost, why I don't I just one one of the pre-built Linux distributions to handle this and get on with my life? There are a few answers to that question and they are listed below:
1. That's too easy
2. I won't learn as much
3. Because I think it will be fun / painful to do
OK then, define securing linux. My response: Define the color orange. Standard things apply here such as:
1. Security through obsucirty (make your web presence as small as possible)
2. Defense in depth, multiple layers of shields
3. Common sense
Awesome! So what base distro are you going to build this on? Well kids, hold on to your hats. I am basing this on Bunsen Labs which is currently in Alpha 2. Alpha????????? Close tab, next page.
Relax. It's based on Debian Jessie and is quite stable actually. Check it out:
http://crunchbang.org/forums/viewtopic.php?id=39994
You moron, you linked to Crunchbang linux.
Yes I did. Because the developer of #! is hanging up his hat. So the community got together to carry on. The successor is named Bunsen Labs.
At this point you might be thinking "Ok, but what are your goals exactly and how do you plan to accomplish them"?
Excellent question. Here you go:
So, I've been toying with the idea of seeing how much of BL I can harden. Because well:
1. I'm paranoid. Yes, they are watching you
2. It'll be fun experiment
3. I get to learn a lot in the process
4. Reasons
So while researching how to configure all my outbound internet traffic to use TOR, I came across this:
https://trac.torproject.org/projects/to … arentProxy
Which
on top of me wanting to add in things like XEN, SeLinux and Apparmor
should make things pretty secure. I also use the following addons to
iceweasel:
1. Ghostery
2. NoScript
3. AdBlock plus
4. Flashblock
5. AdBlock for YouTube (I hate ads in my video's)
What i'd also like to do is configure a few other things:
1. Flush RAM and SWAP contents on reboot or system shutdown
2. Encrypt my /home partition
3. Configure and use GPG with Thunderbird
4. Figure out to add a keyboard command to lock the screen
5. Move grub to my sdcard, so the system won't boot if it's not installed
Which is my post in this thread:
http://crunchbang.org/forums/viewtopic.php?pid=437006#p437006
Now we're getting somewhere. So what's the plan?
The plan young one is to install BL in a Virtual Machine and go from there with a lot of snapshotting. Not because things MIGHT break, but because they WILL break.
What's your host OS?
OS/2
I kid. The host OS is also Bunsen Labs. So there's some linux inception action going on. Neat.
I plan on keeping detailed notes in a CherryTree DB for reference. I will also post what I find and learn both here and on the #! / BL forums.
Fun times!
Now, if I had to recommend a distro where someone already did this, it would hands down be Tails. No question asked. My hat is off to them, nice work guys.
Sunday, August 16, 2015
Sunday, January 19, 2014
It's raining laptops!
So, I have this client who shall remain nameless. What's really cool about them though is that they rotate out their laptops on a frequent basis. What's really cool is that they always purchase high-end Dell Latitude's and Precision laptops. These are the business class and mobile workstation class machines. What's even more cool than that you ask? When the old one's are no longer under warranty, they replace them with new machines. But what happens to the old ones? Well...they go to me. So in the coming days ahead I will be posting some reviews and thoughts about the machines that come my way. Some of them I might keep, some I might sell or give to family members. So stay tuned.
Sunday, September 1, 2013
My good friend's book series
It's been over a year without a new post from me.
Man time flies.
Anyway, I have a good friend who I have known for over 23 years. He writes books. Really good books. You can check his site here:
http://www.maldene.com/
or like his facebook page here:
https://www.facebook.com/pages/Maldene-Fan-Page/117102904979088
I have had the pleasure of reading his books, throughout their various revisions over the course of many years. The Maldene world is based upon the author's own table top style D&D system. The characters are based on actual PC's (player characters) that were run by his friends. The story is rather epic in nature combining magic, technology and psionics all in one. Want duels between Arch-Magi? Yeah, he's got those. How about epic space fleet battles involving hundreds of world's and millions of ships? Yep, got those too.
The only thing it doesn't come with is a comfy chair and bowl of your favorite snack to read it by.
But I hear he's partnered with Ikea and Keebler to help out there. Those elves can do some cool stuff.
Happy reading.
Man time flies.
Anyway, I have a good friend who I have known for over 23 years. He writes books. Really good books. You can check his site here:
http://www.maldene.com/
or like his facebook page here:
https://www.facebook.com/pages/Maldene-Fan-Page/117102904979088
I have had the pleasure of reading his books, throughout their various revisions over the course of many years. The Maldene world is based upon the author's own table top style D&D system. The characters are based on actual PC's (player characters) that were run by his friends. The story is rather epic in nature combining magic, technology and psionics all in one. Want duels between Arch-Magi? Yeah, he's got those. How about epic space fleet battles involving hundreds of world's and millions of ships? Yep, got those too.
The only thing it doesn't come with is a comfy chair and bowl of your favorite snack to read it by.
But I hear he's partnered with Ikea and Keebler to help out there. Those elves can do some cool stuff.
Happy reading.
Thursday, May 3, 2012
Barnes and Noble news
Although I usually use Calibre to convert documents into .EPUB format the guys over at Barnes and Noble are working on a nice instore feature for use with my favorite reader, the Nook. This article is brought to us from The Register. The author mentions it would be nice if Microsoft Word had a "Publish to Nook" button as a result of their recent partnership. I thought about it and I really think that would be pretty cool.
Target dropping Amazon Kindle
Well from what I can tell Apple is at it again when it comes to their e-reader and e-book mini war with Amazon. I'll not copy the article or pretend it is mine. Nope. This article comes straight to me from Ars Technica. You can read the full version here.
Sunday, April 22, 2012
History of the Blog's Title
Some people may or may not be aware of what the word "requiem" means. Here is the wikipedia entry on it so you can check it out for itself.
I fell in love with sound of the word after hearing Mozart's "Confutatis Requiem." It was a track on a CD I had back in 1996 that had a whole bunch of songs from Classical composers. I think I got it from Music+. Remember them? ;)
So I did some digging on Youtube and came across a rather nice version of it which I will attempt to embed here. Bear with me as this is my second post and I have been using Blogger for all of about 15 minutes.
I fell in love with sound of the word after hearing Mozart's "Confutatis Requiem." It was a track on a CD I had back in 1996 that had a whole bunch of songs from Classical composers. I think I got it from Music+. Remember them? ;)
So I did some digging on Youtube and came across a rather nice version of it which I will attempt to embed here. Bear with me as this is my second post and I have been using Blogger for all of about 15 minutes.
Mozart Requiem Mass in D Minor VI - Confutatis and Lacrimosa
As far as my username or handle is concerned that will be answered in due time. :)
Well after fiddlng around with <div> and <iframe> codes, I got it going. Even though I may do IT for a living I barely touch web code, so bear with me as I re-learn what I have un-learned.
Well after fiddlng around with <div> and <iframe> codes, I got it going. Even though I may do IT for a living I barely touch web code, so bear with me as I re-learn what I have un-learned.
Hello world
I has a blog. Therefore I am no different than anyone else. This place will be used for random rants, musings, oddities, comments on issues affecting us in the digital age and finally just to annoy people.
Pull up a seat.
Pull up a seat.
Subscribe to:
Posts (Atom)