June 29, 2009, 12:13 pm
My weekend was a nice balance of relaxation and thinking--provided by a good book (The Unincorporated Man), a trip to the beach, and a very thought-provoking question from a Linux.com reader.
See? I do read your e-mails.
The question came from one Oscar Slone, who wrote:
"Curiosity has gotten the better of me, so here comes my question: as an OS is Linux well protected from censorship attacks or cyberwar? There's been a lot of news lately about both those activities."
When I read the question Sunday morning, I fired off this reply:
"That's a very interesting question. The more secure nature of a Linux machine makes it very difficult to attack an individual's machine from the outside. That kind of direct attack is much harder to do on a Linux machine than another OS.
"But, unfortunately, censorship is an attack that is implemented on the network that individual machines connect to. If a government or other agency closes down the network, or filters information going through it, then censorship is applied no matter what kind of computers are being used. An analogy: if the government closes the roads, then it doesn't matter if you are driving a Yugo or a Porsche--you're still not going anywhere."
As the day progressed, I gave the problem some more attention. While I believe my answer was correct on a surface level, it seemed incomplete. Then it hit me: yes, an intrusive government might not be able to hack your Linux system as easily, but if they control the pipes, not only could they throttle the traffic, but they could capture the traffic sent from any system, Linux included, and know where the traffic was coming from.
I made the mistake most Americans and other residents of nations where the rule of law is faithfully applied will make: I assumed that a warrant would be needed to get at me and my machine. In some nations, no such safeguards are guaranteed. Faced with that prospect, even a well-secured Linux machine can be a beacon that says "here I am" to government crack-downs where property and even personal safety are not a given.
So I did a litte digging and, Oscar and everyone else, it turns out that Linux is indeed a better-suited operating system for keeping information flowing even when the powers that be might object. The trick, which I failed to mention in my first reply to Oscar, is anonymizing your traffic so that no one knows from where in the world you are sending.
A very good tool, about which I have heard many good things, is Tor, which according to the project's website, is a
"[N]etwork of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.
"Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses."
Tor is available for quite a few Linux distros, so if maitaining your privacy on the Internet is something you want to do--or must do--I urge you to check it out by downloading and installing the software.
There are, of course, other facets of security that are useful to keep information flowing in times of duress. As I told Oscar, Linux is very good by default at keeping people outside of individual systems, but it can be tightened even more than it comes right out of the box by taking steps that include:
- Enforce a strong password policy
- Don't run cutting edge software, keep important apps at the latest stable releases
- Apply security updates religiously
- Monitor and lockdown your ports
That's just an overview, but you get the idea. There are scads of articles out there about hardening Linux (including some coming soon here). Find them and apply them if you are serious about privacy and security.
As to the "coming cyberwar," I do have concerns that the future may bring a whole host of new problems from belligerent agencies sponsored by governments or illicit enterprises, though I am not overly freaked out by it as some are. History has demonstrated that as soon as we invent something, we usually find a way to inflict damage or injury with that invention. With that in mind, I do take comfort in running Linux. Nothing's completely bullet-proof, of course, but added security is always a good thing, at least for peace of mind.