[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Lavabit and End-point Security

To: coderman <[email protected]>
Subject: Lavabit and End-point Security
From: [email protected] (Steve Furlong)
Date: Sun, 11 Aug 2013 06:51:32 -0400
Cc: [email protected]
In-reply-to: <CAJVRA1T5N=DF1zZpXZRsbaPFe069vyeR996CchGNVkKAwumnuw@mail.gmail.com>
References: <20130809144310.GA29800@tuzo> <CAJVRA1T5N=DF1zZpXZRsbaPFe069vyeR996CchGNVkKAwumnuw@mail.gmail.com>

On Sun, Aug 11, 2013 at 5:27 AM, coderman <[email protected]> wrote:

> if i were to summarize what i have found effective against dedicated
> and resourceful attackers (again, i can't go into details :) this
> would be the top 5:
>
> 1. use a common distro, but rebuild critical components - bootloader,
> initramfs, openssl, openssh, the kernel, gnutls, libgmp, use 64bit,
> etc.
>

By "rebuild" do you mean compile it yourself or are you talking full-up
review and rewrite? The former should be no problem for anyone capable of
setting up a secure hosting service. The latter is probably beyond the
means of small teams in any commercially reasonable timeframe.

-- 
Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20130811/43634e24/attachment.html>

References:
- Lavabit and End-point Security
  - From: [email protected] (Sean Alexandre)
- Lavabit and End-point Security
  - From: [email protected] (coderman)

Prev by Date: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security)
Next by Date: Moonlet
Previous by thread: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security)
Next by thread: Lavabit and End-point Security
Index(es):
- Date
- Thread