wiki:org/meetings/2013SummerDevMeeting/OpSec

Operational security for Tor people

Random notes

There is currently no such thing as "how Tor does it".

Use a password manager.

Hardware mods:

  • Desolder the microphone.
  • Remove the cell phone modem PCI card.
  • Remove the antena.

Still an issue on some laptops: Intel AMT. Kinda embedded rootkit. Not many way to remove it.

TrekStor USB stick looks like they have a working write protected switch.

"Nemesis inside" talk at CCCongress about Embedded Controller backdoors.

Use crypto tokens.

How to get Moritz report? How to work on server security and relays?

How to train 3rd parties? Organisational measures to better reflect the changes in our security culture.

Last modified 9 months ago Last modified on Jul 23, 2013 1:57:31 PM