Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Designing the best network infrastructure for?a.Human Rights NGO

Rich Kulawiec rsk at gsp.org
Thu Feb 28 06:58:55 PST 2013


On Thu, Feb 28, 2013 at 01:43:38PM +0000, anonymous2013 at nym.hush.com wrote:
> Every idiot knows Linux is more secure in many ways 
> than Windows yet sometimes other factors come into play that 
> require the use of MS. 

No.  MS is never required.  I've heard that contention for decades and
it's never been true.  There's ALWAYS a better way to anyone who has
the intelligence, the resourcefulness, the diligence to find one.

(And this gets easier all the time: finding alternatives is much
easier in 2013 than it was in 2003.  The problem now, in some ways,
is not "are there vastly superior alternatives?" but "which of the
many is right for this instance?"  Good problem to have, though.)

So you have a choice: you can either stubbornly persist with this, or you
can go back through your checklist and remove every single item that's
not open-source.  (For starters.  That's by no means a sufficient change,
but it's a necessary one, and would at least dispense with some of the
most egregiously poor choices, of which "operating system" is not the
only one.)

And Linux is far from the only choice available, and it probably
would not be the one that I recommend first.

But -- to back up quite a bit -- actually making a serious recommendation
would require seeing your design goals, and we haven't.  If we presume,
for the sake of argument, that you have powerful, clueful enemies who
are well-funded and somewhat ruthless, then other changes might also be
in order.

For example, you list:

"Strong physical protection in a liberal country as regards human rights"

If you build according to that model, then you are doing your adversaries
the favor of constructing a single, centralized, easily-identifiable,
fixed target for them to aim at.  I don't think that's a good
architecture, regardless of what you install in it.

So if you really want serious thinking applied to this at the
architectural, design, and implementation levels, then we probably need
to see some kind of documentation that goes into what you're trying
to accomplish along with some assessment of the capabilities of your
adversaries.  How large an operation is this?  How global (or not)?
What's your hardware/software budget?  What functions are you trying
to provide?  We also probably need to know what your assets are: what
are your personnel resources?  What's your training budget?  And so on.

You may also need to recognize that you're not up to this.  Could be.
Can't tell.  But it's certainly possible.  I've seen many people try
to build things that they really, truly weren't capable of building,
with disastrous results.  If that's the case, then it would be a poor
choice indeed to proceed without serious reconsideration.

---rsk



More information about the liberationtech mailing list