Is LibrePup 6.0.2.2 trustworthy?

Antipodal
Posts: 253
Joined: Thu 26 Mar 2009, 16:52
Location: The other side of the world


#1 Post by Antipodal »

As I have said in previous posts in the Puppy Linux Discussion Forum, my knowledge about computers, operating systems and related things is quite poor.
But I'm interested in these subjects and especially in free and open source software.
For some years now, I have been using only different Puppy distros from liveCDs on a computer without a HDD, and only using USB flash drives to save my stuff. I feel that this change has greatly improved the quality and security of my computing life.
In the past I unsuccessfully tried to imagine how life would be using only FSF approved software, but after getting acquainted with light and quick booting Puppy distributions, I dismissed the idea of using FSF's slow booting and heavyweight approved stuff.
But a few days ago, when I discovered the existence of LibrePuppy, I thought it could help me to understand what my computing life would be under FSF's rules and decided to give LibrePuppy 6.0.2.2 an opportunity.
I have had some difficulties in jumping from my dear Slacko 5.3.3 into LP6022.
I would like to speak about them but I will leave that for another post.

Now, my principal concern is security.

I don't recall having thought my security was at risk with my previous Puppies.
It is true that ignorance helps in fading ideas about insecurity, but I can't deny that when some days ago, after entering one of my usual e-banking systems, I received an SSL Certificate error window, which I can't remember having received on that website before, I felt very uneasy and decided to discontinue my operation there.

The fact that the e-banking telephone operator said that if the problem didn't appear when I used Internet Explorer I should disregard it; a freenode chat in a security channel while I was testing my new IRC client; and the fact that another (somewhat different) SSL Certificate error has also appeared when I visited Geany's home page have slightly reassured me, so I decided to resume the e-banking operation I had discontinued.

When the SSL Certificate error appeared, I clicked on an option that allowed making a session-only exception for that certificate and tried to continue with the usual steps for money transfers. But with the first click I got a different error message, which I can't remember having received on that website before, so I decided to continue my transfer from an ATM.

Today I tried making an electronic tax payment from an account at a different bank that works with a different electronic banking network I have used with no problems up to now, but a couple of unexpected little windows opened. They were both asking me to decide if I wanted to Open or to Save an alphanumeric string followed by .swf file. They were both showing me that it would be downloaded from what I suppose is the URL of the electronic banking network. After doing some research on the web, I also suppose that if I open or save them they will get into my RAM or USB flash some sort of code that will help me to continue easily with my e-banking operations.

But as I've said before, my knowledge about these things is quite poor and I prefer writing these lines to taking the risk of not reading the advice of security and Puppy experts (whom I thank in advance) who hopefully will answer these two questions:
Is LP6022 as secure as the Puppy versions I've been using in the past?
How should I deal with these notices and requests that weren't present in my previous e-banking sessions?
Posting from a P4 3Ghz_ASUS P5G41T-M LX3_2G RAM_DVD Write desktop with no internal HDD
Saving my stuff on flash sticks and in external USB HDD

8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#2 Post by 8Geee »

It's not a question of if this puppy is trustworthy. It passed my expectations by warning you that the site was insecure. Unless 'you' configure the browser correctly, that might not occur in older puppies. You would be falsely thinking all is well, when in fact it is not well at all. In fact, Firefox Browsers in general #26 and lower cannot use TLS security, and some old ones allow SSL2.

It's not really the puppy, it's the browser, and the acceptance of default conditions by the user. I came to the conclusion years ago that default conditions are an open invitation for the bad guys.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

Antipodal
Posts: 253
Joined: Thu 26 Mar 2009, 16:52
Location: The other side of the world

#3 Post by Antipodal »

Thank you very much 8Geee for your answer and time.

But not all the doubts of the unlearned user have vanished yet. :oops:

After reading your answer I've been trying to avoid thinking in terms of trustworthiness, I've done some research on the Linux Documentation Project site and on cryptography related URLs and I'm wondering...

Could your words mean that in the past, even if Slacko 5.3.3 didn't warn me, the SSL Certificate error existed while I was confidently e-banking?

8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#4 Post by 8Geee »

"In the Old Days" while confidently e-banking, both your browser and the website accepted a poor security condition... thus no warning. But when one partner has high security and the other has poor security, the alarms go off.

As you might suspect, this kind of logic is not too good, as it allows both partners to have poor security to complete business (transactions).

As I've mentioned elsewhere in different words, don't allow SSL2 or 3 at all, get a browser that at least lets you make that decision, or does it by default. The newer version is TLS, and only versions 1.1 and 1.2 can be relied upon. If given a choice between 128 and 256-bit versions, deny the 128-bit versions.

This is not easy to ask a new person to do. It involves at least configuring the browser and maintaining security updates to the Operating System, so both work together. Nonetheless, everything done at 'your' end has NOTHING to do with the 'other' end. Both ends need good security to work properly.

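The client-side policy recommended in post #4 (no SSL 2/3, a TLS version floor, 256-bit ciphers only), shown as an added example that is not part of the thread. It uses Python's standard `ssl` module instead of a browser; the function names are illustrative, and the floor defaults to TLS 1.2, the stricter of the two versions the post names.

```python
import ssl

def hardened_client_context(floor=ssl.TLSVersion.TLSv1_2):
    """Client context: certificate checks on, version floor set, 256-bit suites."""
    # create_default_context() verifies the certificate chain and the hostname,
    # which is the check behind the "SSL Certificate error" discussed above.
    ctx = ssl.create_default_context()
    # Anything below the floor (SSL 3, TLS 1.0, TLS 1.1) is never offered.
    ctx.minimum_version = floor
    # OpenSSL cipher string: forward-secret AEAD suites with 256-bit keys only.
    ctx.set_ciphers("ECDHE+AESGCM+AES256:ECDHE+CHACHA20")
    return ctx

def audit(ctx):
    """Summarise what a context will offer to a server during the handshake."""
    suites = ctx.get_ciphers()
    # set_ciphers() does not govern TLS 1.3 suites, so they are reported
    # separately; a 128-bit TLS 1.3 suite may still appear in that list.
    pre13 = [c for c in suites if c["protocol"] != "TLSv1.3"]
    return {
        "verifies_certificate": ctx.verify_mode == ssl.CERT_REQUIRED,
        "checks_hostname": ctx.check_hostname,
        "minimum_version": ctx.minimum_version.name,
        "weakest_pre13_bits": min((c["strength_bits"] for c in pre13), default=None),
        "tls13_suites": [c["name"] for c in suites if c["protocol"] == "TLSv1.3"],
    }

if __name__ == "__main__":
    for key, value in audit(hardened_client_context()).items():
        print(f"{key}: {value}")
```

A handshake made with this context fails when the server cannot meet the floor or share a suite, which is the "alarms go off" case from the post; it does not make a weak server any stronger.
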
Antipodal
Posts: 253
Joined: Thu 26 Mar 2009, 16:52
Location: The other side of the world

Trying to share the same language

#5 Post by Antipodal »

Sorry for the delay in thanking you for sharing your knowledge in this thread.

Though I'm currently using LibrePup6022 again, I have transiently had to return to Slacko533 because I needed urgently to print some documents and failed to do this using LibrePup6022.
In the meantime, I took advantage of that to read your last message, to read more about security and to make some Slacko533 security related tests.

Presently I need more time to reorder my ideas and to continue with my operating system (and browser) security related tests.

But, because my interest in your comments and advice has increased, before ending this post, I would like to ask you...

If the next time I post in this thread, I introduce into our conversation the words "level(s) of security", would you feel they are inappropriate in the context of the sort of problems we have been dealing with?

Thank you very much in advance.

A sincere message from a user who's trying to learn
