On Fri, Aug 9, 2013 at 7:43 AM, Sean Alexandre <sean@alexan.org> wrote:
> ... this says Lavabit's security was so good they couldn't back door his machines....
> I'd love to see some kind of write-up by Ladar about how he did this...maybe even a book.
i've been contemplating a write-up about this, but the problem is once you advertise your methods they become less effective. there really is "security through obscurity" in this sense; when at a resource disadvantage, every little bit counts...

if i were to summarize what i have found effective against dedicated and resourceful attackers (again, i can't go into details :) this would be the top 5:

1. use a common distro, but rebuild critical components - bootloader, initramfs, openssl, openssh, the kernel, gnutls, libgmp, use 64-bit, etc.

2. use isolation and RBAC, Qubes, VirtualBox, VMWare, Parallels, remember that VM escapes are available and expected. defense in depth can never be too deep.

3. use constrained network access - identify anomalies, control bandwidth, firewall ingress and egress aggressively. this implies constant monitoring to detect such events. (another exercise left to the reader)

4. rootkit and backdoor your own systems - use the dirty tricks to observe and constrain your system before someone else uses dirty tricks to compromise your system.

5. don't forget physical security - this is the universal oversight and most effective end run around all other operational and technical security measures. there is a reason physical access so often implies "game over" and why black bag jobs are still and will continue to be effective against all targets.

perhaps more later,
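Point 3 above (aggressive egress filtering plus constant monitoring) is the one that lends itself to a concrete illustration. The following is an added example written for this page, not code from the poster or from Lavabit. It assumes a hypothetical connection-log format (`<epoch> <proto> <src>:<port> -> <dst>:<port> <bytes_out>`), a small hypothetical egress allowlist, and a per-host byte budget; the sample log lines are constructed. It does two things a practitioner wants from "the exercise left to the reader": it turns the allowlist into a default-drop nftables output chain (so the policy and the detector come from the same table), and it runs the same allowlist over log lines to flag destinations the policy does not expect and hosts whose outbound volume exceeds the budget.

```python
"""Egress policy as nftables rules plus an anomaly check over flow-style log lines.

Added example, not from the original thread. The log format, allowlist,
byte budget and host addresses are all hypothetical; adapt the parser to
whatever your firewall or flow collector actually emits.
"""
import ipaddress
from collections import defaultdict

# Hypothetical egress policy: (destination network, l4 protocol, port).
# Anything not listed here is unexpected and should be both dropped and logged.
ALLOWED_EGRESS = [
    (ipaddress.ip_network("10.0.0.0/8"), "tcp", 25),     # internal mail relay
    (ipaddress.ip_network("10.0.0.0/8"), "udp", 53),     # internal resolver
    (ipaddress.ip_network("192.0.2.0/24"), "tcp", 443),  # stands in for a package/update mirror
]

# Per-source-host outbound byte budget for one monitoring window (hypothetical).
BYTES_PER_WINDOW_LIMIT = 5_000_000

# Constructed sample log for one window; line 3 is a large upload to an
# unlisted host, line 4 is a connection to a port nothing should use.
SAMPLE_LOG = """\
1376040000 tcp 10.1.2.3:51000 -> 10.0.0.5:25 1200
1376040001 udp 10.1.2.3:51001 -> 10.0.0.2:53 80
1376040002 tcp 10.1.2.3:51002 -> 198.51.100.7:443 6500000
1376040003 tcp 10.1.2.4:51003 -> 203.0.113.9:4444 300
1376040004 tcp 10.1.2.3:51004 -> 192.0.2.10:443 2000
"""


def nft_egress_rules(table="egress"):
    """Render ALLOWED_EGRESS as a default-drop nftables output chain.

    Established/related traffic and loopback are accepted so replies to
    permitted ingress still work; everything not matched is logged and dropped.
    Check the result with `nft -c -f <file>` before loading it.
    """
    lines = [
        f"table inet {table} {{",
        "  chain output {",
        "    type filter hook output priority 0; policy drop;",
        "    oif lo accept",
        "    ct state established,related accept",
    ]
    for net, proto, port in ALLOWED_EGRESS:
        lines.append(f"    ip daddr {net} {proto} dport {port} accept")
    lines.append('    log prefix "egress-drop " drop')
    lines.append("  }")
    lines.append("}")
    return "\n".join(lines) + "\n"


def parse_line(line):
    """Parse one hypothetical-format log line into a record dict."""
    ts, proto, src, _arrow, dst, nbytes = line.split()
    src_ip, _src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return {
        "ts": int(ts),
        "proto": proto,
        "src_ip": src_ip,
        "dst_ip": ipaddress.ip_address(dst_ip),
        "dst_port": int(dst_port),
        "bytes": int(nbytes),
    }


def egress_allowed(proto, dst_ip, dst_port):
    """True if (proto, dst_ip, dst_port) matches an ALLOWED_EGRESS entry."""
    return any(
        proto == p and dst_port == port and dst_ip in net
        for net, p, port in ALLOWED_EGRESS
    )


def analyze(log_text):
    """Return a list of (kind, src_ip, detail) alerts for one window of log lines.

    'unexpected_egress' is emitted per flow that the policy would not permit
    (useful for catching a host that is reaching out before the rule is even
    loaded, or after someone has loosened it); 'egress_volume' is emitted per
    source host whose summed outbound bytes exceed BYTES_PER_WINDOW_LIMIT.
    """
    alerts = []
    bytes_per_src = defaultdict(int)
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        rec = parse_line(raw)
        if not egress_allowed(rec["proto"], rec["dst_ip"], rec["dst_port"]):
            alerts.append(("unexpected_egress", rec["src_ip"],
                           f"{rec['dst_ip']}:{rec['dst_port']}"))
        bytes_per_src[rec["src_ip"]] += rec["bytes"]
    for src, total in bytes_per_src.items():
        if total > BYTES_PER_WINDOW_LIMIT:
            alerts.append(("egress_volume", src, str(total)))
    return alerts


if __name__ == "__main__":
    print(nft_egress_rules())
    for alert in analyze(SAMPLE_LOG):
        print(alert)
```

Deriving the firewall chain and the detector from one allowlist is the point: a rule someone quietly removes still shows up as an `unexpected_egress` alert, and a permitted destination abused for exfiltration still trips the volume budget. In practice the window and byte budget come from a measured baseline, and the log source would be the firewall's own `egress-drop` log plus a flow exporter rather than the constructed lines above.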