
First takeaway from here [1] and the other docs:

1 - don't allow physical access to your machine. If you are worried about nation state actors, consider filling firewire and usb slots with super glue.

2 - don't use skype

[1] https://netzpolitik.org/wp-upload/FinSpyPC.4.51.ReleaseNotes...



3 - Don't use Windows.

Remember this gem? https://en.wikipedia.org/wiki/NSAKEY

Filling ports with glue is a pretty good idea. Clipping the leads might be necessary though; I'm not sure how well the glue will stick to metal.

Edit: I'm told that the government uses hot glue.

Another good suggestion that was in the news recently is to use nail polish to make your laptop tamper-evident.

http://www.wired.com/2013/12/better-data-security-nail-polis...


They do indeed use hot glue and bolt the computers into cages.

Then they buy monitors with built in USB hubs for keyboard and mouse and plug them in.

To circumvent, remove mouse, insert USB stick.

No kidding. This was a tier 1 defense company and I was DV cleared.


Ouch. I was thinking, "What if you unplugged the monitor cable...?" but that's even worse.

Still, when I was going to go on a tour of LANL (I decided it wasn't worth divulging my SSN, in case it was misplaced), they made it very clear that cell phones, USBs, etc. were not allowed; I'm not sure if I would have actually been searched, however. (Not that I was remotely tempted to push it.)

That was a long time ago. Today you can get such tiny devices that there's no way they could find them. Perhaps you could modify the firmware on something like this, and swallow it:

http://laughingsquid.com/wp-content/uploads/269902-sandisk-c...


Definitely. I use one of those USB sticks in my car radio so it doesn't stick out. It is tiny.

I was searched going in and out but you could easily stick one up your bum like a drug mule!


So what OS should you use? I imagine Linux and OSX are also out of the question as they are also supported by the FinFisher.


You're right but you can reasonably expect some security patches now that it's been published, at least in the Linux world. Hopefully Apple could follow. Until then, you might perhaps consider using *BSD.


FWIW:

http://en.wikipedia.org/wiki/FinFisher#Detection

"According to announcements from ESET, FinFisher and FinSpy are detected by ESET antivirus software as "Win32/Belesak.D" trojan.[26][27]"

Apple did patch its itunes player - 3 years after apparently knowing about it:

http://krebsonsecurity.com/tag/finfisher/

"A prominent security researcher warned Apple about this dangerous vulnerability in mid-2008, yet the company waited more than 1,200 days to fix the flaw."

But yes, I agree you should go with OpenBSD if you're worried about this:

http://www.secpoint.com/Top-10-Most-Secure-Operating-Systems...

"By default, [OpenBSD] is the most secure general purpose operating system out there. The proof in the pudding? The fact that it suffered only two remote attack vulnerabilities in the last decade serves as solid evidence of its stringent security and strict auditing policy. Moreover, OpenBSD lacks a large enough attack surface (care of running numerous web applications) for hackers to exploit."


Or if you do use Skype, use the Metro version, which finfisher allegedly can't eavesdrop on.

Original source was on Dropbox and is overloaded, but here's a link on Slashdot: http://beta.slashdot.org/story/205507


They didn't do their homework in this case. Companies like Ranorex (and also my company) access Windows Metro controls.

For the first step, you can read "Injecting a DLL in a Modern UI Metro Application" [1]

[1] http://blog.nektra.com/main/2013/02/25/injecting-a-dll-in-mo...


Or just don't use Skype. You have more to fear about Skype than just FinFisher hacking you.


  Or if you do use Skype, use the Metro version, which 
  finfisher allegedly can't eavesdrop on.
What? Bullshit. Why would Microsoft remove the law enforcement backdoors in the Metro version?


I haven't seen any indication that FinFisher is using deliberate backdoors from MS; from the article it sounds like it's just installing your typical spyware via exploits in things like PDF and XLS files.

But as wslh points out, the assertion that metro's sandbox makes things more secure isn't accurate. I can't get to the dropbox page either, so I'm not sure whether it's saying "FinFisher isn't able to eavesdrop on metro for technical reasons" or "FinFisher can't eavesdrop on metro because they haven't implemented that yet."

Either way, isn't this a separate issue from any surveillance access Microsoft is providing? One is local spyware grabbing your communications on your computer, and the other Microsoft grabbing the data as it goes through the Skype servers. I know Microsoft has that capability for text chats [1], and I assume it's the same deal for audio streams.

Making the Skype client less vulnerable is no more closing law enforcement access than if Apple fixed a vulnerability in Mail.app while continuing to hand out your iCloud emails to law enforcement agencies.

[1] http://arstechnica.com/security/2013/05/think-your-skype-mes...


Which is mostly the point, I guess.

If the feds want to listen in on your calls they have several options:

  1.) Use a 0day exploit in Skype client software.
  2.) Use the LE backdoors on the local machine.
  3.) Install a rooted version of Skype using some other Windows 
      0day or LE backdoor.
  4.) Just record any sound the microphone hears.
  5.) Capture traffic as it travels across the backbone.
  6.) Capture traffic as it travels through Microsoft's 
      central servers.
  7.) Capture traffic at the other end if the callee is using
      an old version of Skype.
Saying "the feds can't spy on you if you use Metro Skype" is in one narrow sense true, and in a wider sense outrageously, mendaciously false. If they can't do #1, they'll do #2-7.


The noise I've heard about FinFisher has been less about its use in Western countries, and more about Gamma selling it to oppressive regimes that use it against protestors.

If your goal is to keep your calls away from Egypt's State Security Investigations Service, by all means use metro Skype. If you're trying to hide from a country with law enforcement access to Skype's backend, then don't. But I don't see what the latter has to do with FinFisher.

As far as recording things from the mic outside of Skype, if FinFisher does that you're probably toast regardless. I haven't dug into the technical details, but I've seen it mentioned that it can deliver arbitrary payloads. Someone who reads through the doc dump will hopefully be able to confirm what exactly they've been doing with it.


Yeah, most of this finfisher stuff appears to be for surveillance states (plus assholes like nsa), not real law enforcement. Real cops / fbi can get a warrant and go straight to microsoft who appears to have very good skype capture ability. Why would you screw around with all this nonsense when all it takes is a couple hours of a DAs time to draft a warrant, a trip to see a judge (assuming you have a reasonable cause), then a fax to microsoft? Unless of course the reasonable cause thing is tripping you up...

ps -- that's not to say our governments aren't well aware of what FinFisher is doing. I bet the fastest way to seriously piss nsa/various pigs off is to sell an exploit before sharing it with the US/5 eyes. I mean, they don't "know know", but they know, the same way we know damn well what goes on in extraordinary rendition, though we all run around pretending to be shocked, shocked! that there's torture in egyptian prisons...


What? Did you really say fill your firewire and usb ports with super glue?


https://en.wikipedia.org/wiki/DMA_attack

Edited to add: This is hearsay, but my friend just told me that this is the first thing techs do when they set up a computer at Los Alamos National Lab. (He knows some people who were contractors there.)


How do you plug in the mouse and keyboard?


The idea is hardening; disallow anything extraneous to your purpose which may negatively impact your security. So, get a computer with built-in peripherals (a laptop), or only leave the ports unglued which you intend to use.

An old-fashioned keyboard and mouse port serves only one function: connecting a keyboard or a mouse. A USB port is general purpose. Since the latter is much more complex, we can expect its drivers to contain a lot more vulnerabilities. If you expose your keyboard and mouse ports, and your USB ports, you're vulnerable to all of the flaws in both. If you only expose your keyboard and mouse, you're better off.

It's worth noting that none of this matters if you don't use full-disk encryption. They can mount your hard drive and add a user with root privileges to /etc/shadow and /etc/passwd in a matter of minutes if your drives are stored in clear text.


> It's worth noting that none of this matters if you don't use full-disk encryption.

And just to be clear, one of the fun things with firewire exploits, is that it easily defeats fde -- it allows an attacker to dump the ram, and extract the encryption keys from ram (as the keys need to be in ram for the os to access the disks...).

So you could perhaps mirror the drives at night, when no-one is around, and dump the keys you need to use that dump during lunch break, when the machine is on, but unattended... You might argue that they could just blow some co2 on your ram sticks, and dump the keys from there (if they could already access your hds...) -- and you'd be right -- but firewire is a lot less intrusive...
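A defender-side software check for the exposure discussed in the two comments above (FireWire DMA defeating full-disk encryption, and USB ports as extra attack surface), added here as an example that is not from the thread or any poster: it audits a Linux host for loaded FireWire drivers, a missing IOMMU, and USB root hubs that authorize new devices automatically. The sysfs paths, the kernel flags it looks for, and the severity wording are assumptions.

```python
"""Added example (not from the thread): audit a Linux host for the DMA and
USB exposure discussed above. Paths and heuristics are assumptions."""
import glob

# FireWire/OHCI drivers give an attached device bus-master DMA access to RAM.
FIREWIRE_MODULES = {"firewire_core", "firewire_ohci", "firewire_sbp2"}
# Kernel parameters that enable the IOMMU, confining DMA to mapped pages.
IOMMU_FLAGS = {"intel_iommu=on", "amd_iommu=on", "iommu=force"}
# authorized_default 0 (or 2 = internal devices only) means new USB devices
# stay unusable until an administrator explicitly authorizes them.
USB_RESTRICTIVE = {"0", "2"}

def loaded_modules(proc_modules_text):
    """Module names from /proc/modules text ('name size refs deps state addr')."""
    return {line.split()[0] for line in proc_modules_text.splitlines() if line.strip()}

def audit(proc_modules_text, cmdline, iommu_group_count, usb_authorized_defaults):
    """Return findings (empty list = no exposure); usb_* maps sysfs path -> value."""
    findings = []
    firewire = loaded_modules(proc_modules_text) & FIREWIRE_MODULES
    if firewire:
        findings.append("FireWire driver loaded (%s): blacklist it or disable the port"
                        % ", ".join(sorted(firewire)))
    if iommu_group_count == 0 and not (IOMMU_FLAGS & set(cmdline.split())):
        findings.append("no IOMMU active: any bus-master device can read all of RAM, "
                        "including disk-encryption keys")
    for path, value in sorted(usb_authorized_defaults.items()):
        if value.strip() not in USB_RESTRICTIVE:
            findings.append("%s=%s: new USB devices are usable without approval"
                            % (path, value.strip()))
    return findings

def audit_live_host():
    """Collect the inputs from the running kernel and audit them."""
    with open("/proc/modules") as f:
        modules = f.read()
    with open("/proc/cmdline") as f:
        cmdline = f.read()
    groups = len(glob.glob("/sys/kernel/iommu_groups/*"))
    usb = {}
    for path in glob.glob("/sys/bus/usb/devices/usb*/authorized_default"):
        with open(path) as f:
            usb[path] = f.read()
    return audit(modules, cmdline, groups, usb)

if __name__ == "__main__":
    for finding in audit_live_host() or ["no FireWire/IOMMU/USB exposure found"]:
        print(finding)
```

Run it as root on the host you want to check; an empty result means only that these three heuristics found nothing, not that the machine is safe against a Thunderbolt or PCIe-slot attacker.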


I see. Thanks.


That's SOP in some large enterprises & government.


I can't edit my original comment, but I wasn't trying to imply anything except that I had never heard of this before. Reading the supplied links, this is a lesson learned for me.


No worries. There's a whole world of wacky stuff like this that most people never hear about!


I had just never heard of it before!



