On 1 May 2011 12:35, Charles Blair <[email protected]> wrote:
> B Is the absence of a graphical browser from the base system
> a statement that any attempt to do such things as look at
> stuff on youtube is inherently unsafe?
Not speaking officially, but, as I understand it, the general idea is
that any unnecessary software is also an unnecessary security risk.
Therefore, you should only run necessary software, which results in
necessary security risks. What is necessary varies from one person to
another, so OpenBSD ships with very little enabled by default ("secure
be default") and you have to go install and enable the things that are
necessary to you personally.
I find it very empowering. Rather than being handed an insecure but
feature-rich operating system and having to try to lock down the
features I don't want, and ultimately fail because a) I'm not a good
enough security expert and b) it's not even possible to lock down most
operating systems as well as OpenBSD short of some major code
revisions and audits... I get to choose which security risks are worth
taking. Horray!
I doubt there are any graphical browsers under the BSD license, which
wouldn't help either. Things which are under a more restrictive
license than that are generally segregated to ports and packages and
not included in the main system.
> B Is tor considered a safe way to do anonymous browsing, or
> does openbsd recommend an alternative?
I don't think the OpenBSD project offers any recommendations on that.
Anonymity is a different type of security than the type OpenBSD is
offering. (Of course, running OpenBSD will certainly foil many
attempts to break your anonymizing proxy by installing some kind of
spyware or something.)
I believe the three major ones are Tor, JonDo, and i2p. The last is
really only useful for accessing their own internal i2p network.
(There's also Mixminion, although I think it's more academic than
useful at this point.) However, they are all reputable open source
projects, each with different strengths and weaknesses. Each needs the
browser or other application to be configured properly for optimum
anonymity. However, a detailed discussion on all that is really
outside the scope of this mailing lists, especially given that those
projects have their own mailing lists and forums.
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
https://anonymous-proxy-servers.net/forum/viewforum.php?f=8
http://forum.i2p2.de/
