- OS/2 & eComStation User Group
- User Community / 사용자 모임
- Blue Lion News
- How ArcaOS addresses privacy and data security
#1 May 23 2017 12:32 am
How ArcaOS addresses privacy and data security
Personal computers have come a long way since the 1990’s, and today, it seems like everything wants to connect to everything else – even when we don’t want that to happen. Worse yet, it seems that device manufacturers and software publishers aren’t satisfied with a simple product purchase or licensing fee; instead, they seem to want to harvest your personal information and either use it market more stuff to you or even sell it to unknown third parties.
Arca Noae understands this, and we respect your privacy. ArcaOS evolved from roots which predate this overly-connected ecosystem in which we find ourselves today. While there are some trade-offs for the insulation which that affords the user, we believe that these trade-offs are well worth the effort.
Here are some of the things which ArcaOS 5.0 either doesn’t have or doesn’t do. See if you don’t agree that when compared to some other operating system choices you have, ArcaOS looks like a much safer bet:
No Adobe Flash Player. Over the years, Flash has become a major attack vector for compromising not only the browser (when run as a plugin), but the entire system, planting many spyware elements on the system to beacon the user’s actions elsewhere or serve as a path for infecting other systems – regardless the antivirus or antispyware software in use on the system. We made a decision early in the development cycle that as the internet is moving to HTML5 for more native playback of rich media, we would not include such a weakly-secured component in ArcaOS.
No centralized address book. A central address book is a common vulnerability, exposing all of your contacts to discovery (and spamming). There are methods for securing an address book in Thunderbird and SeaMonkey, however. Be sure that if you use anything which stores addresses you keep it password protected with a strong cipher to ward against theft.
No centralized password manager. There is nothing wrong with having a password manager installed, and there are, in fact, several very nice ones which run quite well under ArcaOS. However, why should everyone know which password manager you use? Known exploits could leave you vulnerable even without divulging such information. Because there is no single password manager bundled with ArcaOS, would-be thieves will have to try to determine which application actually holds your valuable information.
Samba 4 file and printer sharing client, including Kerberos and NTLMv2 authentication. No old, weak password hashes for ArcaOS. Instead, Samba 4 utilizes the latest methods for securing authentication to servers and even encrypting data transport to and from servers so configured.
Updates via secure channels, keeping Arca Noae credentials safe. When accessing updates from Arca Noae servers, all transports are done using the HTTPS protocol, and when storing your login credentials in Arca Noae Package Manager, the credentials are actually tied to your local system. It is not possible for someone to steal your configuration and easily decrypt your username and password for your Arca Noae account on another machine.
Arca Noae stores no financial information on our own servers. Should your account credentials actually fall into the wrong hands (a stolen laptop or a careless reminder note), your account information stored on our servers does not include any of your credit card data. We simply do not retain this sensitive information.
ArcaOS doesn’t “phone home.” It’s true. If you ever find yourself stranded on a desert island with just your laptop and a solar panel for electricity, your ArcaOS-powered machine will never complain about not being able to “authorize” the installation for use, because it never looks to contact us. An ArcaOS installation is an island unto itself. It is even possible to retrieve software updates on a single machine and set that machine as a repository for all of the other ArcaOS stations on your network. None of the other systems would ever need to touch the internet to get the latest code.
ArcaOS does not include any trialware or junkware. Many of these applications contact their own publishers over the internet (aside from ceasing to function after a certain period of time). Every bundled application on the ArcaOS DVD is fully functional and fully licensed for use with ArcaOS – forever, with no further registration required, anywhere. None of these applications send information over the internet to anyone else, and are perfectly happy to just run in their own space under ArcaOS, unless you want them to make contact elsewhere. Shouldn’t that always be the case?
This is by no means an exhaustive list of how ArcaOS was designed to keep you safe in our overly-connected world, but merely a starting point for discussion and consideration. All that, and we managed to keep the introductory pricetag under a hundred bucks. How’s that?
Form is loading...