Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Ubuntu Privacy Remix remix?

Eugen Leitl eugen at
Thu Nov 7 03:42:58 PST 2013

On Wed, Nov 06, 2013 at 01:21:20PM -0800, Matt Johnson wrote:

> Sorry Eugen, I am still not getting it. You will author content in
> isolation, without reference to any information at all? Or perhaps in

Let's say you're a journalist working with Snowden's leaked documents.
Would you be comfortable with keeping any of these materials online
at any time? 

> a library with books on paper? When I author something I constantly
> refer to other material.

Nobody prevents you from referring to external materials.
This is why you buy an additional machine, and keep it stricly
quarantined. And you *should* try to keep your main Internet-facing
machine secure (e.g. by compartmentalization, and using hardened,
amnesiac virtual appliances, preventing targeted spearphishing
by using anonymization), just do not expect that it's a complete
protection. Even an air-gapped machine is not a complete protection,
if your physical security is inadequate to prevent an evil maid
attack, or a TEMPEST attack. It all depends on your threat model.
> Lets say you write something, then burn it to CD and transfer it to a
> networked system and send it out. Isn't it now subject to traffic
> analysis and perhaps malware injection? It is only secure if you

Use anonymizing networks and encryption against traffic analysis
and tampering with documents.

> author it and never move it from the air gaped computer.

This is incorrect. You can move your documents back and forth,
provided you take precations about what you transfer, and how.
> If you take Griffin's point that connecting a USB stick, or external

You'll notice e.g. Bruce Schneier made very specific recommendations
about using sneakernet for document transfers. Your chiefest potential
vector is sloppy code in USB device insertion processing. I'm not sure 
hotplug SATA or CF is any better. This is something which needs
focused attention.

> hard drive is dangerous, and that PDFs are dangerous then I don't

Security is never boolean. You can avoid richer formats, or revert
to safer (e.g. PDF-A) forms to minimize attack surface exposure.

> think you can do much with that air gaped computer. I am asking a
> serious question, what are realistic use cases for an air gaped
> computer?

Keeping your main keys for signing really important materials, and
proof if identity. Keeping extremely sensitive documents secure.
Every activist should have one. Buy a used notebook, have it modified
by technical people you trust to minize risk if it really matters.

More information about the liberationtech mailing list