Client Devices‎ > ‎Linux PC‎ > ‎

Security Laptop

These pages describe how to build a secure laptop

  1. There are always trade offs so we will attempt to explain our decisions
    1. Why virtual machines
      1. Separate physical machines are much safer but travel with multiple laptops is a problem
      2. I want my sensitive processing done on a virtual machine anyway
        1. IP addresses might leak out but a NAT address is meaningless
    2. Why NOT virtual Machines
      1. A 16 GB laptop with a very good CPU can't keep up with 3 VM's
      2. 5 or 6 VM's takes considerable time to maintain
    3. My solution a hardened Linux Laptop with a couple of VM's
      1. TOR VM for isolation
      2. Experimental VM's
      3. Dirty VM for activities I think might not be safe 
  2. Functional Requirements
    1. Secure Hardware 
      1. Pick best not perfect
      2. Hardware backdoors are extremely hard to find or mitigate
    2. Secure Operating System 
      1. Pick Best not perfect
      2. Opensource has less of a chance of backdoors than proprietary
      3. Vendor reputation is some help but not much
        1. In the land of the free and the home of the brave, a Secret Court, using a Secret interpretation of the law, allows the Secret Police to give Secret orders (National Security Letters) to citizens forcing them to put back doors into their commercial products
    3. Secure Applications
      1. Opensource has less of a chance of backdoors than proprietary
    4. Secure Network
      1. Ability to use networks, including the Internet
  3. What we must protect 
    1. Confidentiality
    2. Integrity
    3. Availability
    4. Privacy
  4. Who will be attacking us
  5. Procedure
    1.  Build Host
      1. This is the physical laptop