I’m personally motivated in a non-commercial way to supply everyone with as much cybersecurity as possible in the interests of civlization, especially now. I’ve just finished what I wanted to releae as “set” 2 days ago and it’s time to announce them.
I’m the former Web Application Security Team Lead for the National Computer Center, Research Triangle Park, having been contracted to the EPA by the now defunct Computer Sciences Corporation.
If you have some extra hardware not really being used I would suggest perhaps a great use of it would be to create yourself a hardened platform, just in case, to protect your sensitive data on an emminently stable platform going forward.
Maybe you’ve always wanted to try a BSD, well now is a great time to do that. They are super stable, super reliable, community drive, and you are in control of everything.
I would also like to mention that if you’d like to go extra hard consider Hardened BSD. Another alternative is using grsecurity/PaX kernel patched Alpine Linux as a Desktop choosing crypt
full disk encryption during setup + AppArmor.
Just as an example you can get your hands on a $250 Thinkpad T495 and installing GhostBSD on it is as simple to setup as Linux Mint and runs as fast as a brand new 2023 Windows laptop. If you choose Dragonfly BSD, the fastest BSD, on a T495 (the lastest year fully BSD compatible laptop), my repo will completely configure it for you, complete with all applications needed for a professional developer.
In addition to that I’ve created a Network Based Firefox hardening solution that wipes the extremely profitable, For-Profit, Mozilla Corporation off your Internet and easily combines with Arkenfox. It removes Mozilla servers from being contacted by any application or service on your machine and does not interfere with web page rendering.
I’ve created my own Git Repository using Gogs (which Gitea is based on) where you can get all the goods here:
Latest Software
Main Website
https://www.quadhelion.engineering
About
https://www.quadhelion.engineering/about.html
Backup GitHub
Backup BitBucket
https://bitbucket.org/quadhelion-engineering/workspace/repositories/
Ok, color me intrigued. I’ve got some general questions
Bringing the big brain out on me! This is off the cuff.
2a. With anything of this type, the most obvious risk is to my own reputation. Security is a field burdened with responsiblity, people come to rely on it, what if they get hacked using my repo? I only took on things I spent months understanding and testing absolutely everything by hand. I limited myself to only distributions I could juggle, use daily, so I could be responsive to needs.
2b. Risk is competing objectives. FreeBSD and thus it’s reliants, Ghost and Dragonfly, are in a strange position right now. FreeBSD is Linuxifying itself and adding more Corporates Sponsorships than ever in a path away from traditional BSD security. This presents itself a potentially competiing ethos situation for me, but not yet.
2c. OpenBSD is used by world security intelligence agencies and I hear the DoJ. Am I without my knowledge picking sides here and favoring some entities over others? Famously DARPA and FBI backdoor right? I researched the OpenBSD Sponsorship list carefully and asked around. The OpenBSD availability (at least of the version we use!) is equitable and I purposely put out an OpenBSD honeypot to see which entities would try to compromise it! Results: Fair.
The paths forward on that are gruesome to be honest as what would be best would be something like a randomly selected group of High School Science Fair finalists and Waitresses to form a Governance body with teeth to dissolve Corporations completely for profiteering off populace private data, genetic data, financial data, and the engineering decisions that are ubiqutously driven by them when determined that a Corporation or other Government body is acting against out future.
I appreciate the responses, I know they’re not simple questions that lend themselves to quick answers.
As a follow-up:
I would say they all apply in different ways, but it’s clear you come from a backend architecture perspective, so I’m not surprised Universal Design isn’t a concept you have run into previously. No hate, just interdisciplinary acknowledgement that some topics never get traction in other areas.
Now that is also intriguing! I… won’t get into asking how you were able to attribute parties to that, even if I am very tempted.
Yep, I’m on board with that. One of my personal areas of interest is how we shift that focus, hence my interest in your approach.
Mmm, as an enforcement system, yes, but I’m unsure they ever really were designed for that. I think they still have some very important things to contribute to ethical engineering. But that’s another topic altogether too.