Hacker News new | ask | show | jobs
Ask HN: How to secure sensitive operations (cyber security)
2 points by devShark 1651 days ago
I need to perform certain sensitive operations on my computer (access important bank account, sensitive passwords, etc). I currently have 1 mac, and my approach is to not install any closed source software.

This approach is very limiting though, as there are many closed-source software that would greatly improve my productivity, and some are straight necessary for some of my business activities.

So I am currently considering purchasing another mac and performing only sensitive operations on one (with only open source or highly trusted programs), and other tasks on the other (with a lower level of trust in installed programs).

However the downside is that managing two computers probably adds a significant complexity. Is there a better way to achieve this? Thanks!
3 comments
vmoore 1651 days ago
> and my approach is to not install any closed source software.

Install Trisquel[0] and only run trusted applications on it. Trisquel ships with /no/ proprietary software and is 'deblobbed' of any closed source software. You even have to buy special 'libre' wifi adapters for it if you want a wireless connection. Vanilla ethernet works well on it though.

[0] https://trisquel.info/

link
devShark 1651 days ago
Thanks for that. I am not sure I am ready for the jump from macOS to linux though. I will consider it, thanks for the pointer.
link
_trampeltier 1651 days ago
The question is always how far you wanna go. I also have a "clean" computer and even there, I have for everything different accounts. On the other side, most people have just an easy life with just one single account.
link
devShark 1651 days ago
Ok, interesting. That is what I am considering. Any feedback on that? Do you feel it's worth it? Any tip?
link
Hackbraten 1651 days ago
The first thing I’d do is to build a threat model.

What kind of threats are you trying to protect against?

Drive-by exploits in the browser? Spearphishing? Software/hardware supply chain attacks? Those are just general examples.

link
devShark 1651 days ago
I do not have anything specific in mind, because threats are constantly evolving. I am clear that you can never be 100% safe. But I am looking to protect myself as much as is reasonably possible.
link