Hey Roman,
Although it isn't worded very friendly, helpful or welcoming, Jonathan
tries to express that in IT, there is no such thing as being 100%
secure. He has a point, but... So, I'll try to be more helpful.
Every system is, eventually, breakable. A bit more helpful answer would
be: It all depends on your needs. It makes great difference if you're developing websites for, say, some secret service, or for the local
pizza shop. There is a bottom line, of course. If you work on a system
that isn't updated and you don't bother to pay any attention to any
operational security then chances are that you'll be hacked. And then,
even the local pizza shop won't be happy with you. But, if you're
developing such a low-profile website, chances are slim that some
nation state hacker will break into your house and try to decrypt your
hard drive while you're having a pizza (in that pizza shop of course,
keep your customer happy 🙂. The cost of such an operation is far
higher than the possible win of it.
So ask yourself: Do I really need 100% security? Or do I want to avoid
to fall victim of, say, something like ransomware or some random script
kiddy that scans the web for vulnerable computers?
In the latest case, my answer is: There's a fair chance for everyone to
avoid being hacked. A good start is your consideration to switch from
Windows to Linux. Just because Windows is used far more often, and by,
usually, far less knowledgable users, there is simply far more to win
for hackers if they attack Windows than Linux. But, simply switching OS
is not enough. So, before you start you should consider to follow some guidelines. A first is to not use your current installation to download anything on, that you consider to use later. You can use some other
device to download some ISO and verify the checksum afterwards and then
copy that ISO to a USB device, or a real CD-rom. Then you have a
reasonable chance that you have the software that was offered on the
download page. Whether that software is free of trojans or virusses,
no-one can 100% guarantee you. But, as said, you have a fair chance.
So, then you install the OS on your computer, and then you probably
want to be able to access your old files. Before you do so, install
anti-virus software (ClamAV is, what I've heard, the most popular tool
for Linux, don't forget to update the database, however).
You have to more, though. Spend some time on configuring your firewall
(in modern Debian that would be Firewalld (which configures netfilter).
Another thing is to enable the Debian security package repository and
regularly (anytime you start working, or create an hourly cronjob)
update and upgrade your packages. If a new kernel is delivered, reboot.
It won't stop there. If you're not already using it: start using some
password manager (1password, Lastpass, Keepassxc are all good ones) and
change the passwords of all the accounts you have. You cannot
exaggerate this. Every account you have should have a unique, complex, password. If you can: enable whatever form of second factor
authentication you can find.
I wrote this late evening, so, probably many other, smarter people will
notice things I forgot to write. And, as, in general, the Linux
community thrives by helping each other: they will tell us what I
forgot. And hopefully you will get much more helpful answers to your
follow-up questions. Because the basis of your question is a good one
and clearly, the cynical answer you got is not what you deserve.
Good luck with your switch to Linux, welcome in the Linux world and
from now on: your journey begins. It will, at times, be difficult. But
if you're willing to learn, you'll probably never regret this step. And
later, please do answer questions if you think you can be of a help to
others.
Kind regards,
Alex
On Sun, 2023-01-22 at 12:30 -0600, Jonathan Hutchins wrote:
The only way to achieve 100% security is to totally disconnect the
computer, including any power connection. You are still vulnerable
to
physical attacks, so for total security destroy all of the
components.
Hello. I'm a Windows 10 user. Unfortunately, I've used a lot of cracked programs in the past. I want to switch to debian and use only legal
software. I want to write debian netinst to a flash drive. Is it
possible that the distribution on the flash drive will be hacked
through a Trojan or the sources of downloaded files from the server
will be changed during installation? I create websites. It is important
for me to know that my system is 100% secure and information is not
shared with third parties.
<html><head></head><body><div>Hey Roman,</div><div><br></div><div>Although it isn't worded very friendly, helpful or welcoming, Jonathan tries to express that in IT, there is no such thing as being 100% secure. He has a point, but... So, I'll try to be
more helpful.</div><div><br></div><div>Every system is, eventually, breakable. A bit more helpful answer would be: It all depends on your needs. It makes great difference if you're developing websites for, say, some secret service, or for the local pizza
shop. There is a bottom line, of course. If you work on a system that isn't updated and you don't bother to pay any attention to any operational security then chances are that you'll be hacked. And then, even the local pizza shop won't be happy with you.
But, if you're developing such a low-profile website, chances are slim that some nation state hacker will break into your house and try to decrypt your hard drive while you're having a pizza (in that pizza shop of course, keep your customer happy 🙂.
The cost of such an operation is far higher than the possible win of it.</div><div><br></div><div>So ask yourself: Do I really need 100% security? Or do I want to avoid to fall victim of, say, something like ransomware or some random script kiddy that
scans the web for vulnerable computers?</div><div><br></div><div>In the latest case, my answer is: There's a fair chance for everyone to avoid being hacked. A good start is your consideration to switch from Windows to Linux. Just because Windows is used
far more often, and by, usually, far less knowledgable users, there is simply far more to win for hackers if they attack Windows than Linux. But, simply switching OS is not enough. So, before you start you should consider to follow some guidelines. A
first is to not use your current installation to download anything on, that you consider to use later. You can use some other device to download some ISO and verify the checksum afterwards and then copy that ISO to a USB device, or a real CD-rom. Then
you have a reasonable chance that you have the software that was offered on the download page. Whether that software is free of trojans or virusses, no-one can 100% guarantee you. But, as said, you have a fair chance.</div><div>So, then you install the
OS on your computer, and then you probably want to be able to access your old files. Before you do so, install anti-virus software (ClamAV is, what I've heard, the most popular tool for Linux, don't forget to update the database, however).</div><div>You
have to more, though. Spend some time on configuring your firewall (in modern Debian that would be Firewalld (which configures netfilter).<br>Another thing is to enable the Debian security package repository and regularly (anytime you start working, or
create an hourly cronjob) update and upgrade your packages. If a new kernel is delivered, reboot.</div><div><br></div><div>It won't stop there. If you're not already using it: start using some password manager (1password, Lastpass, Keepassxc are all good
ones) and change the passwords of all the accounts you have. You cannot exaggerate this. Every account you have should have a unique, complex, password. If you can: enable whatever form of second factor authentication you can find.</div><div><br></
<div>I wrote this late evening, so, probably many other, smarter people will notice things I forgot to write. And, as, in general, the Linux community thrives by helping each other: they will tell us what I forgot. And hopefully you will get much
more helpful answers to your follow-up questions. Because the basis of your question is a good one and clearly, the cynical answer you got is not what you deserve.</div><div><br></div><div>Good luck with your switch to Linux, welcome in the Linux world
and from now on: your journey begins. It will, at times, be difficult. But if you're willing to learn, you'll probably never regret this step. And later, please do answer questions if you think you can be of a help to others.</div><div><br></div><div>
Kind regards,</div><div>Alex</div><div><br></div><div><br></div><div>On Sun, 2023-01-22 at 12:30 -0600, Jonathan Hutchins wrote:</div><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><div>The only way to
achieve 100% security is to totally disconnect the <br></div><div>computer, including any power connection. You are still vulnerable to <br></div><div>physical attacks, so for total security destroy all of the components.<br></div><div><br></div></
blockquote><div><br></div><div><div><span style="font-size: 14.666667px;">Hello. I'm a Windows 10 user. Unfortunately, I've used a lot of cracked programs in the past. I want to switch to debian and use only legal software. I want to write debian netinst
to a flash drive. Is it possible that the distribution on the flash drive will be hacked through a Trojan or the sources of downloaded files from the server will be changed during installation? I create websites. It is important for me to know that my
system is 100% secure and information is not shared with third parties.</span></div></div><div><span></span></div></body></html>
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)