Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Don't forget the most important security considerations: (1) choose a hardware and OS combination where none of your I/O hardware (video, audio, wifi, etc.) is supported, so that it can never be used to exploit your system; (2) choose an OS so obscure and weird that a potential hacker is guaranteed to have never even heard of it, and would need to study your specific machine for months to make heads or tails of it

Just joking, I love OpenBSD



Unsupported devices can always become somehow supported and enabled. To harden computer, you remove WiFi cards, cut on-board antennas, desolder mics and speakers, desolder USB ports...

I did that for computer that was used to sign bitcoin transactions offline. User typed hashes manually...


> Unsupported devices can always become somehow supported and enabled

Be very careful if anonymous developers suddenly contribute OpenBSD drivers for every single component in the 20 year old garage sale laptop you use for hosting an "online store" on TOR


choose an open source OS that the FBI can download and spend months exploiting.

then be an oddball in the ecosystem to the point where you're obvious and stand out dramatically.

kinda like how one of the FBI's MONSTER email filters they looked for was anything BSD




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: