Changes between Version 7 and Version 8 of TrustedPhysicalConsole

Mar 18, 2008, 2:51:22 PM
Daniel Kahn Gillmor



  • TrustedPhysicalConsole

    v7 v8  
    5858=== Cryptographic Communications ===
    59 ''This section will be fleshed out soon.''
     60Communicating over a heavily-mediated network opens your communications up to sniffing (people seeing your communications who shouldn't) and spoofing (people pretending to be you, or pretending to be the entity you think you're communicating with).  Cryptographic protocols help you to avoid that by offering powerful math designed for privacy (against sniffing) and authentication (against spoofing).  But the logic behind them only works when you are actually in full control of your endpoint of the communications channel.
     62Using a TPC gives you the opportunity to remain in control over your side of the communication, but only if you pay attention to what you are doing.  For example:
     63 * When using [wiki:OpenSSH ssh] to connect to a remote host, you should always make sure you're connecting ''from'' your TPC -- don't ssh from one machine to the next in a chain, for example (see also [ Good practices for using ssh]).
     64 * When connecting to a web site running under HTTPS, connect from the browser running on your TPC, and avoid the use of proxies (unless they only operate at the IP level) or redirection services.
     65 * Make sure you verify the identity of the remote party in any secured communication!  With SSH, this means verifying the host key.  The first time you connect, you'll be presented with a fingerprint, which the host's administrator should have supplied you with beforehand.  With HTTPS or any other TLS-wrapped service, this means making sure the remote certificate is valid and that you trust the issuer to only issue legitimate certificates.
     66 * Be aware of the types of cipher used in encrypted communications that you expect to be private.  For example, TLS [RFC:2246#section- permits a NULL cipher] which does not keep the communications private at all.  If you don't care about privacy (e.g. when you're accessing a publicly-accessible revision control system -- you want it to be authenticated, but don't care about people seeing what you send or receive), using the NULL cipher is fine.  But when you do care about privacy, do you know that your communications are using something more cryptographically sound?
    6268=== Backups ===
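Review bot: The cipher bullet (new line 66) ends on a question, "do you know that your communications are using something more cryptographically sound?", and gives the reader no way to answer it. Suggest closing the bullet with a concrete step: how to see which cipher a connection actually negotiated from the TPC, and a note that the client can be set to refuse NULL suites when privacy matters. The host-key bullet (line 65) has a similar gap: it covers only the first connection, and should say to stop when the fingerprint does not match what the administrator supplied and what a changed key on a later connection means. Two links also need fixing before this goes in: "[ Good practices for using ssh]" in line 63 has no target, and the RFC anchor in line 66 stops at "#section-".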
    8692For doing solid computing work on a portable machine, nothing beats a decent, reasonable-sized keyboard and an XGA (1024x768) video display.  but these are big things, and are a pain to carry around.
    8793==== Durability ====
    88 The more durable the machine is, the heavier it is.  This is a poor tradeoff for folks who want to take their TPC with them everywhere.
     94The more durable the machine is, the heavier it is.  This is a poor tradeoff for folks who want to take their TPC with them everywhere.  As new technologies arise, though, some systems can be lighter ''and'' more durable.  For example, solid-state storage is both lighter and more durable than a traditional hard disk.
    8996==== Power Consumption and Batteries ====
    9097Batteries still suck.  Modern portable processors and hardware draw less juice than ever before (with the exception of wireless adapters, which need power for their radio transmission), but they can still pull a decent battery down to nothing in a handful of hours.  Bigger batteries add to the weight of the machine.
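Review bot: In new line 94 the opening sentence, "The more durable the machine is, the heavier it is", is kept as an absolute, and the sentences added after it then give a counterexample (solid-state storage being both lighter and more durable). Suggest softening the opener, for example "More durable machines have generally been heavier", so the paragraph does not contradict itself. The unchanged context line 92 also has a sentence starting with a lowercase "but" that could be fixed in the same edit.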