[liberationtech] Ubuntu Privacy Remix remix?

Wed Nov 6 16:06:40 PST 2013

On Wed, Nov 6, 2013 at 3:56 PM, Jonathan Wilkes <jancsika at yahoo.com> wrote:
> On 11/06/2013 04:21 PM, Matt Johnson wrote:
>>
>> Sorry Eugen, I am still not getting it. You will author content in
>> isolation, without reference to any information at all? Or perhaps in
>> a library with books on paper? When I author something I constantly
>> refer to other material.
>
>
> You know most computers come standard with harddrives where you can store
> documents and stuff.  It's kind of like the cloud, except on your own
> computer and without a requirement to agree to an incomprehensible,
> probably-evil ToS.
>
>
>>
>> Lets say you write something, then burn it to CD and transfer it to a
>> networked system and send it out. Isn't it now subject to traffic
>> analysis and perhaps malware injection?
>
>
> It's not subject to malware injection if it's signed with a Bitcoin key, or
> a PGP key, etc.
>
> It's not necessarily subject to traffic analysis if one distributes it over
> Tor.  But even if the non-air-gapped machine running Tor gets pwned with a
> zero-day or some other type of attack through the internet, the attacker
> does not get the Bitcoins/PGP private key, etc., because those things are
> only found on the air-gapped machine.
>
>
>>   It is only secure if you
>> author it and never move it from the air gaped computer.
>
>
> See above.  Even so, you seem to be ignoring the most important use cases
> where the reference material is only stored on the air-gapped machine.  I'd
> assume that's how the journalists reporting on the Snowden leaks work.  (Or
> at least they should.)
>
>
>>
>> If you take Griffin's point that connecting a USB stick, or external
>> hard drive is dangerous, and that PDFs are dangerous then I don't
>> think you can do much with that air gaped computer. I am asking a
>> serious question, what are realistic use cases for an air gaped
>> computer?
>
>
> Protecting leaked documents and Bitcoin tokens are the two most obvious
> cases.  Essentially any case where you cannot afford for the data to get
> stolen, but where it's impossible or impractical to use non-digital media
> like paper.
>
> -Jonathan
>

Jonathan, I don't think you are following the whole thread. I
understand the value of removing a computer from the network, once you
have installed the software you need and put the data you want on it.

Griffin suggested never connecting a USB stick, or external drive or
copying PDFs to the air gap computer. I have asked how that air gaped
computer would be useful.

Apparently the point is too subtle.

--
Matt Johnson

> --
> Liberationtech is public & archives are searchable on Google. Violations of
> list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
> change to digest, or change password by emailing moderator at
> companys at stanford.edu.