from Hacker News

Ask HN: How to secure sensitive operations (cyber security)

by devShark on 12/10/21, 11:25 AM with 6 comments

I need to perform certain sensitive operations on my computer (access important bank account, sensitive passwords, etc). I currently have 1 mac, and my approach is to not install any closed source software.

This approach is very limiting though, as there are many closed-source software that would greatly improve my productivity, and some are straight necessary for some of my business activities.

So I am currently considering purchasing another mac and performing only sensitive operations on one (with only open source or highly trusted programs), and other tasks on the other (with a lower level of trust in installed programs).

However the downside is that managing two computers probably adds a significant complexity. Is there a better way to achieve this? Thanks!

  • by vmoore on 12/10/21, 3:59 PM

    > and my approach is to not install any closed source software.

    Install Trisquel[0] and only run trusted applications on it. Trisquel ships with /no/ proprietary software and is 'deblobbed' of any closed source software. You even have to buy special 'libre' wifi adapters for it if you want a wireless connection. Vanilla ethernet works well on it though.

    [0] https://trisquel.info/

  • by _trampeltier on 12/10/21, 11:45 AM

    The question is always how far you wanna go. I also have a "clean" computer and even there, I have for everything different accounts. On the other side, most people have just an easy life with just one single account.

  • by Hackbraten on 12/10/21, 11:42 AM

    The first thing I’d do is to build a threat model.

    What kind of threats are you trying to protect against?

    Drive-by exploits in the browser? Spearphishing? Software/hardware supply chain attacks? Those are just general examples.