The items, tools and ways on this page are a first line of defense.
- Choice of OS
- Encryption strategy
- Turn camera off
- Turn microphone off
- Manage passwords
- Learn to use a firewall
- Configure sysctl
- Further hardening debian host
- Maintain integrity of system
Choice of OS
Windows is a closed box, you never know what you gonna get and it doesn’t look like chocolate to me. Oh, wait …
Linux is the best choice for a secure and private OS. It is free as in “users have the freedom to run, copy, distribute, study, change and improve the software” and there is no money trail linking to a product ID.
There are several linux distributions to choose from. Debian is probably the most secure option. Some of the items below are only for securing linux (hosts) (*).
Choose your encryption strategy in alignment with your threat model. All Operating Systems (linux, windows, mac) support Logical Virtual Memory (in alphabet-soup-speak named “LVM”). If you are setting up a dedicated (more) secure host for running virtual machines, full disk encryption is recommended.
Turn camera off
Tape the camera. It may even be possible to turn it off in BIOS (depending on your version).[linkview show_cat_name=”0″ cat_name=”Camera”]
Turn microphone off
Windows: Go to Control Panel -> Sound -> Recording and right-click and choose “disable” and then ‘OK’. Or, in Hardware -> Manage Audio Devices -> Sound you can configure the microphone.
Linux: Mute it using alsamixer.
Mac: Launch System Preferences, click on Sound, select “Line-in” on Input tab, and close. As long as you don’t actually have any audio input device connected, such as an external microphone or some other line-in device, this method is very effective.
Using a password manager allows you to load passwords in your clipboard, making it hard to catch it with a keylogger (if any). And all good password managers allow you to generate passwords, making the passwords independent from your personal preferences and harder to crack. If you want to try your hand at cracking your own (current and new) passwords, try one of these.[linkview show_cat_name=”0″ cat_name=”Organise and encrypt passwords”]
Learn to use a firewall
One of the must have component on your computer is a firewall:
[linkview show_cat_name=”0″ cat_name=”Firewall for Beginners”]
In computing, a firewall is a software or hardware-based network security system that controls the incoming and outgoing network traffic by analysing the data packets and determining whether they should be allowed through or not, based on applied rule set.
Configure sysctl (*)
sysctl is a tool for examining and changing kernel parameters at runtime.[linkview show_cat_name=”0″ cat_name=”sysctl”]
Further hardening debian host (*)
Run Tiger and further harden your host.[linkview show_cat_name=”0″ cat_name=”Hardening debian”]
Integrity of your system
Keep your system up to date. Defend your system from keyloggers, viruses and worms. Use intrusion-detection-systems.
Having an open wireless network can be a major security risk. Anyone close enough to your router, a neighbour or a war driver, could potentially gain access to your network. Even when disallowing wireless, it is a good idea to manage that box.