How does TC browsing security compare with this

[Ulysses_]

For the purposes of shopping online and anonymous browsing, how does TC security compare with:

- Backtrack (hacker distro)
- virtualBSD (freeBSD preconfigured with X)
- PCBSD (freeBSD preconfigured with X plus easily updatable components)

Anything else you consider more secure?

[gerald_clark]

I recommend Windows 3.1.
( Just kidding )

[Guy]

For online shopping, a distro which is frugally installed is ideal, such as Tiny Core. When you turn the computer off, and reboot, everything is fresh. If you want to be absolutely sure, also delete your internet browser cache.

I have not used the other distros mentioned by Ulysses, but maybe Backtrack is also frugally installed. Someone else may know.

I use Tiny Core for online shopping. If you are really concerned, you could use a live CD, so you are sure nothing is saved. You could make a Tiny Core live CD with applications.

[Ulysses_]

Yes, nonperistence is a good strategy, and apart from liveCDs/frugal installs it is also available simply by running them in a VM with a nonpersistent .vmdk.

So the issue left is making it hard for hackers to find an exploit for the distro or o/s.  

In terms of this, would the simplicity of TC mean there are fewer holes in it compared to hacker-oriented backtrack (based on ubuntu) or the supposedly carefully designed freebsd?

[tinypoodle]

I recommend Windows 3.1.
( Just kidding )

Always worked perfectly for me security wise.
... as I was never able to connect to internet  

[gerald_clark]

You needed the Clarkson University packet drivers.

[Ulysses_]

You needed the Clarkson University packet drivers.

Surely the web existed back then, no?  But then, no browser existed for pc's.

[curaga]

Lynx was first released 1992 and Mosaic 1993.

[Lee]

For safe browsing, didn't I read somewhere in the last month or two that the US Air Force produces a distro that would be useful for that?  I don't remember little details like the name of it hmmm... yes I do and here's where I saw it:

http://www.linuxjournal.com/content/linux-distribution-lightweight-portable-security

I pretty much decided TC is safe enough for me.

[Ulysses_]

I pretty much decided TC is safe enough for me.

Meaning, safer than the average distro?

Used Mosaic in '93 and '94 but on unix workstations.  Was it available on linux too from the outset?

[Lee]

Well... I have to confess I haven't actually -used- any other distros lately(*), though I've installed a few while looking for something that would be useful for my wife (she's on Windows 7 Home Premium 64-bit now, against my advice, but with my support.  Grr. )  All of the more "turn key" distros were "turn offs" for me.

As for "safe enough for me" - considering my (possibly deficient) understanding of the whole frugal install thing, the fact that I'm behind a NAT firewall and my own feeble security procedures (including usually-safe usage habits), I feel pretty safe.  There is, of course, always room for improvement.


(*) I ran DSL for a few years and Red Hat for a few years before that.  According to my logs, during the DSL years (with an exposed ssh port), I did come under attack for a while, but apparently brute force is not an effective method of attack for that.  Or I got pwned and never knew it! 

[Ulysses_]

Nowadays the main threat is from sites you visit with a browser and secondly emails, the baddies don't attack from outside the walls so to speak.

[Ulysses_]

For safe browsing, ... the US Air Force produces a distro that would be useful for that

http://www.linuxjournal.com/content/linux-distribution-lightweight-portable-security

Downloaded this and it seems just right.  Remains to be seen how a liveCD can be edited. Opening another thread for editing liveCD's.

[danielibarnes]

It appears to be based on Thinstation. Compare the Quick Start Guide to this screenshot.

Ulysses, you can build your own image here. Very nice.