Ask HN: What's the best way to secure your workstation?
source link: https://news.ycombinator.com/item?id=29371088
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
We know this sort of malware is making its way onto package repositories [1]. We know people are falling for these attacks. How do we protect ourselves against this family of threats?
[1]: https://www.theregister.com/2021/07/21/npm_malware_password/
We could trust nothing beyond our base system and our browser, and refuse to use any code we don't fully audit, but this would be an impossibly austere way to live. I expect most of us, when pressed, would admit that we're trusting much more code than we would like to.
The alternative is sandboxing, using a lightweight option like firejail (which I use) or a totalizing system like QubesOS. But these systems are awkward to use, and have their own drawbacks.
What's the bar for reasonable security, in your opinion? How do you secure your workstation without living like a monk?
Using Qubes OS. It's really easier than you might think. The UX is amazing. Can't recommend it enough.
Search:
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK