Delayed response here; but it would be too rude to
consciously let a direct question hang unanswered.
"I'm interested as to what you mean by hardened OSes"
-bad apple. 04/04/15
Well, yes, by hardened I essentially mean "slightly
less leaky". Leaky and secure; they could be conceived of as on
opposing ends of the same scale.
And that "slightly" can often be significant enough, if it means
you are fleeing an "assailant" faster than your neighbour is.
Certain measures you can take also mean that any data profiles
being compiled against various of your identifiers are
fragmented enough such as to be worthless for the purpose of
building a representative picture of you in those areas.
Though maybe I am using the term "hardened"
incorrectly.
However, here are a few things that spring to mind:
You could run a ROM that provides access to the
latest security updates.
You could root your phone, to give yourself greater
control over what it can and can't do. Such as:
You could disable all services you don't need,
especially Google ones.
If you have yet to buy into the Play ecosystem, this can even
include Play services and most anything Googs.
If you are already invested in Google Play, or are willing to
trade some privacy against its boonage, this can still mean
pretty much everything else Google except Play services and a
couple of related processes.
You could run a firewall (Droidwall, for example) and
whitelist only programs you specifically want to be able to
access the internet.
You could disable WiFi whenever you are away from a
trusted network to keep from leaving a trail of your MAC address
wherever you go.
You can automate this with, for example, the app Screen Off
Internet Off.
With Cyanogenmod Privacy settings, you could control
what functions, data, and services apps can access, to quite a
high degree of granularity.
If you are willing to take the -- what I have found
to be -- noticeable performance hit, you could install Xposed
Framework, and install some security related modules; like fake
MAC address reporting, and fake useragent reporting, and other
things. And -- since I last checked the Xposed repo -- maybe
install some other modules to help secure Android and obscure
its public footprint.
You could run an occasional root kit scan (SecScan).
You could disable certain background services, such
as SSH, with SecDroid.
You could turn off geotagging in camera.
You could use an offline, third-party mapping solution.
You could never connect to random WiFi access points
(and use your 3G/LTE instead), or use a VPN/TOR, if you do.
You could disable Android spellchecker; location
services; NFC; backup my data (to Google servers); and rename
your devicename to "localhost." (See
https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy)
You could encrypt your SMS messages with Whisper
Push. You could even go SIMless and only use encrypted
communication VOIP and text channels.
You could route all traffic on the phone through TOR
(and very easily).
Of course, in most practical cases that still afford
you some of the conveniences of actually having a mobile phone
at all, you still have a tracking beacon in your pocket. Though
you could enable aeroplane mode, and only allow your SIM to
connect to the cellular network, say, once a day, from the same
or indeed different/pseudo-random location, in order to make
calls and receive text messages and missed call alerts.
You could grant root apps time-limited root access
only, say ten minutes, enough for you to do with them what you
want. Similarly you can restrict when apps are allowed to start
in the background and which system-calls they are allowed to
respond to (for example with Autostarts).
You could disable Android Device Manager's access as
a system administrator.
Depending on how much convenience you are willing to
trade away, you could look into Replicant OS or Blackphone
(tangentially Android), if you really are
paranoid/important/trying to make a point to yourself. Though,
at some point, in some circumstances, your uniqueness makes you
stand out more, of course.
The above are all measures that mitigate
security/data leakages as concerns the user-facing OS, in this
case Android. As far as the baseband OS(es) go, ....
There are a couple of things you can do to improve
your local security too, like encrypt your entire phone and
password protect your custom recovery. Thus (with an encrypted
phone and password protected recovery and sufficiently hard to
guess unlock-pin) your phone's data would be pretty well
protected, should your phone part company with you.
Anyway, those are a few things that come to mind.
Which of them I have implemented accords to my
personal security/convenience trade-off.
Any other ideas out there?
"I do not trust either phone (Apple or Samsung)
anywhere near as far as I could throw them"
--bad apple
Neither do I. And I believe this is justified
mistrust. And I would extend this to my PCs too. Sadly. But any
honest assessment would have to lead me to this view. Opensource
or nay. E.g., Heartbleed; Shellshock; innumerable zerodays; the
good old boys at the Nefarious Secrets Agency designing SELinux;
closed source BIOSes, disk controllers, keyboard firmwares,
etc.; the insecurity of remotely held data and the profiteering
from its sale; the collusion of the private sector and the
security services; amoral Russian whizzkids. And on and on and on
and on.
And I do not regard myself as crippled by paranoia or
anything. I just take these apparent realities into account, and
upload (or not), encrypt (or not), turn off (or not), commit
(data) to bits (or not), accordingly.
That said, as regards securing laptop: firewall
(gufw); weekly rootkit scan (rkhunter); various Firefox addons;
fresh, on-the-fly virtual machine for banking; BIOS password
lock; HD password lock; disabled ability to switch virtual
terminals from wake-from-sleep login screen (as discussed here a
year or so ago); encrypted "documents" folder; maybe some other
things.
The MP3 player runs Rockbox, a free OS. As discussed
here a year or so ago.
Not a very high value target anyways: an MP3 player. Though some
of my music choices might be derided and publicly mocked if
exposed, I am proud of them all!
And the old PowerPC G5: very rarely allowed on the
net. LOL.
Still good for Logic, running Classic software, and for great
games, such as Jedi Academy and Oni.
I personally do not have a server to worry about.
Though, I do use SpiderOak to backup certain critical data
remotely (as well as backing it up in iterations locally), which
is encrypted before upload.
"The Internet of Things is pretty much already here,
and there is little we can do about it"
--bad apple.
I can't get behind the argument "something, from our
current vantage point, seems very likely, arguably inevitable,
so let's not even try to mitigate any of its perceived
ill-effects." Resistance is not necessarily futile! In this
case, you often just have to take yourself offline, hide in the
crowd, or be more secure than the average user.
And honestly, I think it will be possible to lead a
"dumb" life for a long time yet. Even if it means taking a
hammer to the network jack in your toaster.
For much of it, "smart" devices will likely be avoidable by
exercising consumer choice (perhaps even by buying second hand
sometimes).
I think you will be able to avoid network attached
appliances pretty easily, in many cases.
Cars may pose the greatest challenge in this regard.
Which is particularly unfortunate seen as they can be pretty
effective tracking devices; especially so if certain "blackbox"
technology is mandated by government/insurance companies.
Your utility company may know how much power you use
more accurately than before. But it can also bill you more
accurately -- conceivably beneficial for both parties. And, for
me at least, I don't consider how much power or water I use to
be especially private. Though, I suppose they will be able to
build a profile of the hours in which I am using various
utilities regularly. Which some might consider a privacy
invasion or security breach, especially if this information is
stolen, sold, or leaked.
Anyways: this long. Sorry. I go now.
-- And for those Agents of the Crown whose attention --
or that of her five-eyed friends -- may have been drawn to this
posting due to some keyword-flagging software running down in
Cornwall: I am not doing anything at all interesting. It's all
security for security's sake. And attempts to mitigate ID fraud.
Go get a coffee and put OpenSuperSpySuite back on auto-play.
On 4 April 2015 17:00:54 BST, bad apple
<mr.meowski@xxxxxxxx> wrote:
On 04/04/15 11:45, Migel Wimtore wrote:
"it's not like I'm unfamiliar or n00blike with Arch or any other system
for that matter."
Well, I mean setup time as in time from base install to functioning
desktop environment. As in choosing and installing a fair few packages
and setting them all up. It's no big deal, but compared to the
straight-to-desktop experience of most other popular distros, it's not
negligible either. And, unless you have that automated with a script or
something, this is what I meant by time consuming. Nothing to do with
noobishness. Your technical literacy comes across in your writing
clearly enough.
"My fridge will be asking Amazon to buy more milk in a few years. I
really hope that whatever crappy OS does that, it will be a bit less
rubbish than anything I'm using now."
Personally, I like to have discrete and, as much as time and expertise
will allow: hardened OSes in my laptop, phone, and mp3 player (well,
this last one doesn't have an internet connection and runs a free OS, lol).
Call me fusty, but I store very little remotely, take care of all my own
backups and feel no desire to hook my household appliances up to the
network for marginal convenience gains, nor my systems to each other, at
any level lower than that of a couple of interoperability programs and
user initiated connections.
It seems we have trouble enough securing our dedicated computer systems
(networks, home computers, phones and tablets), which are designed with
security in mind (as far as it doesn't impinge on general-user's
convenience); I am not rushing to put my house and vehicle online
anytime soon. There to expose me and my friends and family to further
tracking and data monetisation, and potentially seeing us targeted
in more sinister and destructive ways.
The marginal life-style benefits are not worth the trade off for me.
Give me keys, light switches, shopping lists, manual thermostats,
mechanical cars, and keep my computers general purpose, please.
Ps: what are you liking about FreeBSD currently? ZFS and jails are
certainly cool. But RMS cries and gorges himself on toejam every time a
BSD is spun-up. Won't anybody think of the messiah?!
Primarily because BSD is a lesser evil these days - sadly it's not even
necessarily positive features that are drawing me in, more the lack of
Linux stupidity that is forcing my hand. Zones are actually nice and a
native ZFS root is a priceless feature (you can do it on Linux, it's
just a bit hacky still and rather fragile) but the overwhelming
advantage is BSD's boring, stable, practical and unchanging approach to
modernising that I'm increasingly drawn to - apart from slowly and
steadily adding cool new things, it just doesn't ever really change much
and that's a good thing. I'm sick of being forced to adopt whatever
stupid new $FEATURE Linux has decided to force on us this week, and yes,
of course this is partly aimed at systemd.
I'm interested as to what you mean by hardened OSes, especially in
regards to your phone: I've got a jailbroken iPhone and a rooted Android
that I've had a good go at locking down but I still wouldn't exactly
consider them hardened, just a bit less leaky than the stock ROMs from
their respective useless manufacturers (Apple and Samsung). I
categorically do not trust either phone anywhere near as far as I could
throw them considering that's probably a pretty good distance if the
last ring had been another damn robocall...
Even though you may like it as little as me the Internet of Things is
pretty much already here, and there's little we can do about it. From
'smart' electricity meters and thermostats to wireless connected
sensors, watches, fridges and cars, *everything* will soon be network
addressable from a hacker's, law enforcement's or stalker's perspective, and
all this stuff will be running crappy, proprietary, non-updatable and
ridiculously insecure software: our illusion of privacy will be
completely gone within a decade. There will be no opt-out because before
long it will be simply impossible to buy non-networked, non-broken
gadgets of any kind - fridges without IPv6 simply won't exist. Unless
you're going to 3D print everything you ever own yourself and microwave
every embedded RFID tag in every single thing you ever don't fab
yourself, the dystopian future has you firmly in its grasp.
God, I've even made myself feel miserable now.
Great post Migel, this is a keeper. I've been poking around security
on phones for a while and getting very confused/dispirited. This
list is a great pointer to what to look at and explore. And then
implement. After backup of course.