I want to introduce you to the idea of a secure and anonymous system/computer.
Every system with proprietary software is lacking in the field of safety and anonymity.
So we must focus on a free open source system like Debian. Some of the features listed here exist in systems like Tails, QubesOS and others. Some software is taken from prism-break.org.
This is how I see this concept:
Base system:
- Debian with kernel patched with grsecurity.
System features:
- Anonymous networks integration: Tor, Freenet, I2P.
- Full disk encryption with dm-crypt and LUKS.
- Strong security through isolation, similar to QubesOS (based on Xen, using IOMMU/VT-d).
- Virtual machines for the most buggy solutions, e.g. Flash.
- Different users for different uses.
- Torified web applications.
- Email client with PGP encryption.
- Instant messaging with OTR (Off-the-Record), e.g. Pidgin.
- Bitcoin client and other cryptocurrencies.
- RAM cleaning on shutdown, panic button (cold boot attack protection).
- MAC Changer.
- User anonymity and safety education utility (community support).
- Safety alerts (community support) - inform the user about recently found security problems that may influence .
- System entropy generator (if not hardware), like haveged.
- Web browser (Firefox) with profiles for different uses and plugins enhancing anonymity/security (Adblock Edge, HTTPS Everywhere, NoScript, Disconnect).
All closed hardware is potentially dangerous to safety; that's why initiatives like OpenCores are very important. In the not-too-distant future every element of a secure computer may be assembled using only open hardware solutions. The system should have a specific version for open hardware, decreasing the size and complexity of the kernel.
Hardware features:
- Preferably open hardware.
- Closed hardware with open source firmware if possible.
- Random number generator for increasing system entropy.
- Some special, physical crypto-token needed to unlock the system.
Would you like this idea? What elements would you like to add or change?