Jump to content

Search the Community

Showing results for tags 'paranoia'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 1 result

  1. I work in IT as a combination network administrator and computer consultant. I often get the question of "how do I keep my computer secure", however, despite the normal "best practices" that I typically return to the average people that I help regularly, I always think to myself "you know, I can think of a few ways these normal techniques can be circumvented" or "normal computer security techniques would probably be a joke to circumvent for the $name_of_3_letter_intelligence_organization". So I started thinking... How do government intelligence agencies handle security? If I did want to commit some kind of massive information crime (not that I would ever want to), how could I ensure that nobody could figure out my physical location, and if they do, how could I secure the information on my equipment in such a way that if seized and analysed by the best computer forensics and cryptoanalysts in the world, that they would find none of the incriminating information for prosecution. It occurs to me that most publicly available crypto software is likely either not strong enough to resist the repeated attempts at circumvention by a government agency with as many resources as the NSA. Is there better software available than bitlocker / filevault2 / truecrypt / luks/dmcrypt? How does one mitigate cold boot attacks? What about mitigating against simple coercion? I know that for most standard United States trials, the fifth amendment gives some protection to people against giving up information in their head as they don't make you testify against yourself, but what about those people in non-public situations or outside of the united states on a waterboard? - a system with authentication expiration would probably be a good idea. somehow integrating a dead-man's-switch into the mix. But in all seriousness, in these days of lowered trust in governments and law enforcement officials, with anti-piracy crackdowns and governments like the Koreans and Chinese who have no free speech policies, or simple private communications, how does one create a secure system? can we really trust the common operating systems we use? windows? mac os x? - even linux and it's associated programs that make up standard distributions that are completely open source, do they have the code scrutiny to say "yes, this is completely secure!"? I really don't think so. and then worse, once you get the base system set up (even if you assume it's 100% secure), once you start adding software that you use on a daily basis, things like word processors, video players, graphical window managers, etc. how do we trust that the programs or the interactions between those programs will be secure as well? tl;dr: If you were Batman, Nick Fury, or the CIA or NSA's CIO, what kind of computer systems would you use and how would you make sure that they were totally and completely secure? How would you secure their networking? and if someone were to raid and seize these machines, how would you make it so the expert government agency with virtually unlimited resources can't access any incriminating data?
  • Create New...