Cloud Hosting

Internet security

After the Year of Datasec Fail, in the wake of breach after leak after hack, its time to cop to the fact that private data security is Serious Business.

Private sector titans like Google, Facebook and Yahoo, not to mention the actual flippin US government, have demonstrated that, if theres anything in your life youd rather Vladimir Putin and/or the entire Internet not know about, youd better spit on your hands, boot up your robot of choice, and take responsibility for your own infosec.

The mere notion of handling your own information security (infosec to professional nerds like your narrator) conjures images of command lines, spaghetti code and whatever else it is tech types actually, yknow, do. If only there was an easy fix! A simple, widely applicable one-shot that would make your precious 1s and 0s safe forever.

There pretty much is. Its Linux.

Superficially, using the famous open-source operating system might seem like the opposite of security. After all, the point of open-source is that anybody can look at and futz with the code. How is that compatible with make everything hidden?

As weve ceded more and more of our lives to internet-enabled services, nothing is hidden. Cloud-based services like Google Docs and online-only offerings like Facebook and whatever Yahoos doing these days are accessible to everyone, everywhere. Thats the point. Thats their offer. Accessible to everyone is incompatible with accessible only to nice people.

The Linux fix is twofold.

First, old-school hackers (cue pounding 90s electronica soundtrack) still trading on invading your personal system generally dont bother with Linux exploits. Windows and the traditionally safer Apple are bigger, more valuable targets. Second, 5 popular distros thats particular flavors of Linux some noble white-hat nerds put together for you incorporate fixes for increasingly common Internet breaches of the kind that felled Facebook and Google.

Tails is a live OS, which means you can put it on a USB stick or disc, run it on any computer, and when you pop it out again the computer goes back to the way it was. Local hacks work by reading your logs, huge quantities of nested information your operating system hangs onto for complicated reasons. Windows does it. Apple does it. Some Linux distros do it. Tails doesnt. It also roots your internet traffic through the legendary Tor, benchmark of Internet anonymity. Tailss commitment to zero-footprint computing also has the smaller but just as welcome convenience that, if you do prefer to use it sparingly and stick with your old, less-secure OS, it leaves no souvenirs on your system; your old setup will boot like nothing happened.

If this were a 19th century novel, this entry would be called IprediaOS. Or, the Trouble with Tor. Tor prioritizes security above all else and limits Internet access accordingly. Theres a lot of stuff it wont go near, because its just not secure enough. That limits the mainstream usability of Tor, not to mention services like Tails that rely on it. IprediaOS uses a similar but less strict service, I2P, that affords access to the everyday Web with minimal loss of security. IprediaOS also comes with anonymous chat, email and BitTorrent clients.

Whonix is a unique beast. Its a virtual machine, which is (incredible oversimplification incoming!) a program that thinks its a computer and convinces others to treat it likewise. Its big offer is that it can be run as a program on the Windows and Mac OSes, making it a perfect match for anybody who only has a job or three that demand anonymity cloud-based business records, say, or anonymous blogging and is otherwise good to go with a by-the-book setup. Its also a great way to learn the basics of home infosec, since, being based on the venerable Debian distro of Linux, it plays well with Microsoft, Apple and other Linux systems.

Not a typo! This cleverly named beastie discreetly keeps your secrets by building a discrete structure, unconnected to anything else, for you to whisper them in. Its limited in function compared to the other services listed, functioning primarily as data storage and anti-malware/spyware/Trojan solution, but it is very good at those things. Its in beta at present, and as is a betas wont theres a bug or two to shake out, but it has real promise as a data security tool.

Qubes is the Whonix solution raised to the level of an operating system. It compartmentalizes your work as separate virtual machines, limiting any compromise in security to one set of services, with no chance of spreading to more vulnerable areas. Qubes even color-codes your machines for you, with colored frames indicating the potential security vulnerability of a given VM. So, if you set up one machine as straight data storage with no access to the outside world, thats about as secure as data gets and Qubes will tell you so. The machine you do your web browsing in will be coded otherwise. Better still, Qubes provides a secure data-transfer solution that lets you move information safely between machines. Last September Edward Snowden, a man understandably interested in information safety, tweeted If youre serious about security, @QubesOS is the best OS available today. Its what I use, and free. Nobody does VM isolation better. Cant say fairer than that.

Obviously, as is made clear by the monolith of text above, infosec is an enormous topic.

That said, dont let it scare you.

Get educated on the subject and in a week of digital futzing youll be warm in the knowledge that you do security better than the smartest, richest, most powerful people in the world. Happy (white hat) hacking!

Originally posted here:
Paranoid about internet security? Here are the most secure OS options - The American Genius