Threat Model: Parents

Mirimir mirimir at riseup.net
Sun May 31 00:48:10 PDT 2015 

On 05/31/2015 12:15 AM, Cathal (Phone) wrote:
> Wipe the machine, install fresh and clean Linux, and then password lock the BIOS.

That's excellent advice ... to someone who owns the machine. I'd say
also to use LUKS. But maybe here that would dramatically escalate the
confrontation. And there's also the lack of physical security.

Zenaan's advice is more appropriate in a child-parent context. If that's
impossible, the best option is probably doing private stuff elsewhere.

> On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman <thetransintransgenic at gmail.com> wrote:
>> Hi.
>>
>> I'm trying to help (probably badly, but..) a friend deal with parents
>> that
>> they expect are spying on them.
>> I know that in general, it's impossible to secure a computer that you
>> can't
>> trust and don't necessarily have administrator privileges to.
>>
>> But their parents are not exactly the NSA -- any spying that's
>> happening is
>> almost definitely some sort of product, plus basic things like maybe
>> looking through their history. (I don't know much about they're
>> situation
>> -- maybe they know more, so
>> well-if-you-know-they-do-this-then-you-could-do-this type advice would
>> still be helpful.)
>>
>> Would antivirus be able to detect spy-on-your-kids products? Would they
>> be
>> able to scan their computer with like Immunet or something, even if
>> they
>> didn't have administrator privileges?
>>
>> Tor would probably help -- unless the monitoring was looking at the RAM
>> or
>> something for website names, which would be way overkill on a
>> commercial
>> product, no? Or (more likely) if it was taking screenshots at regular
>> intervals, which would also break running a VM or something. (Is there
>> any
>> way to detect taking screenshots?)
>>
>> I know probably the best thing would be running TAILS as a LiveCD --
>> the
>> problem with that is that it's REALLY obvious over-the-shoulder.
>>
>>
>> Um, thoughts about any of those?
>> Any other things about parents as a threat model in general?
>>
>> I know this is pretty far from what is usually discussed on here, but
>> I'm
>> really interested in what you think/it would potentially help a lot of
>> people.
>

More information about the cypherpunks mailing list