:: Re: [DNG] Devuan ASCII Live USB sec…
Góra strony
Delete this message
Reply to this message
Autor: Andrew McGlashan
Data:  
Dla: dng
Temat: Re: [DNG] Devuan ASCII Live USB security issue
Hi,

On 27/09/18 06:01, Jaromil wrote:
> On Thu, 27 Sep 2018, Andrew McGlashan wrote:
>
>> I've been using a live USB of Devuan with XFCE, I boot it to RAM
>> and then setup my temporary environment from a different LUKS
>> encrypted USB.
>
> have you tried https://heads.dyne.org?


I definitely like the idea of heads, particularly over tails.

But my setup actually uses both the Tor network and the clear net;
most downloads and browsing are over Tor using privoxy, except when I
really want something and it is denied just because I am using the Tor
network. Palemoon normally transits using socks5 proxy (Tor), with
some exceptions. Firefox is set to go direct. Thunderbird also used
the proxy. Most times when websites block me for using Tor or even
uBlock Origin and uMatrix to stop tracking and lessen advertising
rubbish, then the content is often available elsewhere -- if they want
to lock me out, then I'll find alternatives. Just like I use Devuan
over Debian as my alternative to avoid the cancer of systemd.

I'm concerned that heads is too far behind in terms of security, the
last release was some time ago now, I have been keeping an occasional
eye on it. The last release being 2018-03-26 (6 months ago). Tails,
which I hope to stop using one day has had a number of releases in
that time frame. Don't get me wrong, I do want heads to win over
tails here for sure.

In any case, tails and one day heads instead will have their place for
my usage, but I need more than either of this for everyday tasks.

> is a Devuan derivative based on Beowulf (current testing) hardened
> for security, routing all traffic through tor and removing all
> non-free firmware (100% free). Maybe it works for your case, maybe
> not (the persistent setup aka "nesting" is not yet there) but since
> you seem to have all the persistance scripts by yourself, this live
> USB may do well for your purpose.


All of which is why I will definitely be preferring heads over tails,
but down the track.

Kind Regards
AndrewM