[ubuntu-studio-devel] CyberSec For Creative Humans

lukefromdc at hushmail.com lukefromdc at hushmail.com
Thu Oct 29 23:41:48 UTC 2015 

At the creation level, the value is in having software that does not require
activation.  That rules out paid software like Windows video editors 
(and lightworks) and sound editors. It also rules out Windows.

If someone installs US from a new iso on an offline machine, there is
no network and nothing can phone home, yet everything works. if 
codecs are missing from the ISO, they can be fetched by flash drive
and again brought in for offline installation. Easy way: install also to a 
laptop, pull the packages somewhere else, save them from the APT
cache, bring them home. Actually this codec issue is does complicate
things just enough to require someone with some computer skills
to set up the machine. This is an issue because of cameras that shoot
to H264 or other patented codecs. 

On Windows we would be talking  about activation on a particular machine,
plus the use of currency over the network, itself an issue that could identify
the owner of the system. We also have no proof that proprietary editors
are not watermarking output in some way, possibly even enough to identify
a particular license. We do know that many printers do this, after all.



On 10/29/2015 at 7:25 PM, "Len Ovens" <len at ovenwerks.net> wrote:
>
>On Thu, 29 Oct 2015, set wrote:
>
>> On 2015-10-29 23:44, lukefromdc at hushmail.com wrote:
>>> Yes-a secure, untraceable posting requires that the user do 
>absolutely NOTHING else
>>> in the entire session.
>>
>> Or, you put it on a usb-stick, go to a cybercafé with make-up 
>and funky
>> hair and pay cash....
>>
>>> Encryption's value is in the hands of someone willing to defy a 
>subpeona regardless of the
>>> penalties (to not snitch) and able to remember a strong 
>passphrase and use it right.
>>
>> This is very deep. For real. (Besides also being modern love-song
>> material!) It's the core of information-transmission in any 
>form: value
>> of, and in trust.
>>
>> But how does ubuntustudio translate this? How does the awareness 
>of the
>> vulnerability of a computer integrate with the creative process?
>
>Having read some of these things... I think there are two distinct 
>actions 
>involved here. Artistic creation and distribution. It is 
>reasonable in 
>some cases even on a machine that is never conected to the network 
>to want 
>to ensure the disk is not readable by anyone but the owner. That 
>is what 
>an encrypted disk is for. However, I think the art of distribution 
>in an 
>untracable way is probably outside the scope of Ubuntu Studio.
>
>So being able to create a clean (metadata wise) 
>Audio/video/graphic is 
>something that should be doable with studio, but having SW that 
>protects 
>browsers or allows traceless connection is not. I think there are 
>two 
>reasons for this. One is that Ubuntu would not want to be seen as 
>a 
>"cracker's" tool kit (or criminal's tool kit). The other, is that 
>I think 
>someone who's life depends on their online security would want to 
>build 
>that security from the bottom up so that _they_ know what they 
>have and 
>can be sure they have done their best and that the security they 
>are 
>relying on is not a trap to catch them in the first place.
>
>--
>Len Ovens
>www.ovenwerks.net

More information about the ubuntu-studio-devel mailing list