Get Trusted

This tutorial may need a fair amount of additional work yet, in order to communicate what is needed and to do so in something resembling a streamlined manner unlike what this sentence seems to do.

Update: This may or may not be in much better shape now. There is some older text near the bottom.

[#tutgoal]: The Goal

The goal of this tutorial is to provide directions to obtain, and then to maintain, a maximum amount of trustworthiness. This desired goal isn't so much about helping a person to trust a machine. The desired benefit is not obtained by being able to naively convince one's own self to blindly trust a machine (no matter how badly that machine may already be infected with malware). Rather, the focus is about maximizing the amount of good reason why a machine (or service or network) is as worthy as possible of any particular amount of trust that it may be given.

[#howtrust]: The Methods Used To Get A Trustworthy Network

One of the two key methods of this guide is to start with the most trustworthy code possible, and to spread the state of being as trustworthy as possible.

However, all that gained trust quickly becomes useless if the trust is compromised shortly after it is gained. Therefore, the other key method is to set up strong barriers that isolate distrust. For instance, if a computer on a network is distrusted, other computers may still be trustworthy if they had protection that was suitable to prevent them from also becoming untrustworthy.

[#prptsrtd]: Startup/Preparation

Start with a machine which is sufficiently isolated. The machine should be isolated from Internet attacks by being offline or by being isolated by a trustworthy firewall.

Also start with trusted code. Although this absolutely essential step may seem obvious, it matters more than many people realize or implement. For some reasons described by the hidden malware section, a machine is not going to be trusted just because it has anti-virus software claiming that it is up to date, even if the anti-virus software comes from a well-known name.

The plan is going to be to wipe the machine. This guide is not going to worry so much about trying to check firmware, which is admittedly imperfect security. Instead, this guide is going to recommend backing up any sort of data needed on a machine, and then simply wiping a hard drive with all zeroes.

Wiping a machine (overview/background)

Actually, zeroing the hard drive is a process that can take quite a bit of time, and is fairly optional as long as one makes sure that all pre-existing code is eliminated from any sectors before it is executed. However, zeroing the hard drive is the easy option. On an x86 machine using a standard BIOS, and assuming all the operating systems used will use a standard operating system procedure, this may be done by not using any pre-existing partitions, overwriting the MBR, re-creating new partitions, formatting all partitions before they are used, and then only storing data in such partitions. For home use, those who are familiar with such processes may save time, such as hours or even days, by being careful to follow those steps instead of zeroing the hard drive. For use by a business, or an organization such as a classroom setting, it may be easier to document what was implemented by just having an activity of zeroing out the hard drive.

Assuming that the implementation of zeroing out the hard drive is complete, this will disable any sort of malware that may have been on the drive (assuming the malware didn't first get copied somewhere else, like into RAM). Even if malware could be retrieved using advanced hardware (see the section on recoverability of data that's been wiped), the chances of such a thing happening seem minute enough that such chances are not a worthwhile concern. The chances would be lower than that of other threats (such as somebody accessing the hard drive when it isn't in use, and re-infecting the drive).
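The two checks that make a zeroing pass worth documenting are that every byte reads back as zero and that the old MBR is gone (the 0x55 0xAA boot signature at bytes 510-511 no longer exists). The following is an added example, not code from this guide: it overwrites a target with zeros and then performs both checks. It is written against a constructed disk image file so it can run without privilege; the same functions work on a block device path, where the write is, of course, destructive.

```python
"""Zero a disk image and verify the wipe (added example; not from the original page).

Constructed for a regular file standing in for a drive. The same functions work on
a block device such as /dev/sdX if run with enough privilege, which is destructive.
"""
import os
import tempfile

CHUNK = 1024 * 1024  # write and read 1 MiB at a time


def zero_target(path):
    """Overwrite every byte of `path` with zeros, from offset 0 to the end."""
    fd = os.open(path, os.O_RDWR)
    try:
        size = os.lseek(fd, 0, os.SEEK_END)  # works for files and block devices
        os.lseek(fd, 0, os.SEEK_SET)
        zeros = bytes(CHUNK)
        remaining = size
        while remaining > 0:
            n = min(CHUNK, remaining)
            written = os.write(fd, zeros[:n])  # short writes are handled by the loop
            remaining -= written
        os.fsync(fd)  # push the zeros to the media, not just the page cache
    finally:
        os.close(fd)
    return size


def verify_zeroed(path):
    """Return True if every byte read back from `path` is zero."""
    with open(path, "rb") as f:
        while True:
            chunk = f.read(CHUNK)
            if not chunk:
                return True
            if chunk.count(0) != len(chunk):
                return False


def has_mbr_signature(path):
    """Return True if bytes 510-511 hold the 0x55 0xAA MBR boot signature."""
    with open(path, "rb") as f:
        f.seek(510)
        return f.read(2) == b"\x55\xaa"


def run_demo(size=4 * 1024 * 1024):
    """Constructed scenario: a 4 MiB image with random data and a fake MBR signature.

    Returns (signature_before, zeroed_before, signature_after, zeroed_after).
    """
    fd, img = tempfile.mkstemp(suffix=".img")
    os.close(fd)
    try:
        with open(img, "wb") as f:
            f.write(os.urandom(size))  # stand-in for a used disk
            f.seek(510)
            f.write(b"\x55\xaa")  # make it look like it carries an MBR
        before = (has_mbr_signature(img), verify_zeroed(img))
        zero_target(img)
        after = (has_mbr_signature(img), verify_zeroed(img))
        return before + after
    finally:
        os.unlink(img)


if __name__ == "__main__":
    print(run_demo())  # expected: (True, False, False, True)
```

The read-back in `verify_zeroed` is the part worth keeping for the record: a write that was never flushed, or a drive that silently remaps sectors, shows up here as a non-zero chunk rather than as a silent success.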

Wiping a machine (technical details)

Identify how many hard drives there are in the system. Before destroying any data, be sure to back up any data which is needed! Then, see the section on wiping media.

Choosing operating system media

This includes choosing an operating system.

Since there are various opinions (some with good reasons and others with less good reasons), to keep this guide rather neutral, details are not provided. Basically, (at this time) this guide does not provide many details in the way of making such important decisions. (Naturally, if performing this task as part of an organized activity, the recommended course of action may be to follow guidelines provided for those who participate in the organization's activity.) Naturally, the trustworthiness of the end result may be affected by poor decisions (such as using custom-burned media that comes from data obtained from untrustworthy sources on the Internet).

[#nottlsec]: No total security

(This section is informational/background/overview, and does not include actions that need to be taken.)

Security is not total: imperfection is required. The reasons why are discussed in a separate section, no total security. (Reading that section is intended to be a part of this guide. That section used to be part of this guide, but it was moved to a separate section since it was suitably large and separable.)

[#hidnmalw]: Hidden Malware

(The information that was here has been moved: see: hidden malware.)

Making the machine useful

At this point, if the machine is prepared, it should be fairly trusted: Presumably it has no malware on the drives, and it has no network access.

Make sure there are no hidden USB sticks that the computer might boot off of. (Such a thing could reduce the trustworthiness of the system.)

The next step will be to install the operating system. If installing from a CD, continue to deprive the computer of any network access. If installing from a network, realize that the computer's trustworthiness may be reduced if a successful network attack happens. The degree of risk may correspond to factors such as how good the network defences, such as firewalls, really are.

As much as possible without network access, set up the operating system including hardening Administrator accounts, etc.

Also get service packs, Anti-Virus software, and operating system patches installed, without network access, if that is a convenient possibility. If it isn't convenient, weigh the risks of threats and how much potential reduction there is to the overall trustworthiness of the desired end result. If network access is needed, see if the software can be obtained from a trusted machine/network. For some operating systems, connecting the system to the Internet without a firewall would be a foolhardy compromise, drastically reducing any reason to consider the system trustworthy.

In general, in an ideal setup, only after the system is secured as much as possible should one consider adding other services.

Keeping the system secure

Keep distrust isolated.

Have a good disaster recovery plan. (If a machine can be re-installed quickly, there will be less hesitation to do so in the light of problems.) See about how to utilize automatic updates of the operating system: Even if there isn't the desire to apply such updates automatically, it may be worthwhile to download or at least receive information about such updates as they become available. Implement additional security detection measures such as file integrity checks.
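A file integrity check of the kind mentioned above is a baseline-and-compare operation: record a digest of every file while the system is still in its freshly installed, trusted state, then later recompute and report what was added, removed or modified. The following is an added example, not code from this guide, using SHA-256 over a directory tree; the file names and contents in `run_demo` are constructed for the demonstration.

```python
"""Baseline-and-compare file integrity check (added example; not from the original page).

Records a SHA-256 digest for every regular file under a directory, then reports files
that were added, removed or modified relative to that baseline.
"""
import hashlib
import json
import os
import tempfile


def hash_file(path, chunk_size=65536):
    """SHA-256 of a file's contents, read in chunks so large files fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root):
    """Map each regular file (path relative to `root`) to its digest.

    Symlinks are skipped so a link pointing outside the tree cannot stand in
    for a file inside it, and so the walk cannot loop.
    """
    baseline = {}
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            baseline[os.path.relpath(full, root)] = hash_file(full)
    return baseline


def save_baseline(baseline, path):
    """Write the baseline as JSON. Keep this copy where the checked host cannot alter it."""
    with open(path, "w") as f:
        json.dump(baseline, f, indent=1, sort_keys=True)


def load_baseline(path):
    with open(path) as f:
        return json.load(f)


def compare(baseline, current):
    """Return the differences between a stored baseline and a fresh scan."""
    base_paths, cur_paths = set(baseline), set(current)
    return {
        "added": sorted(cur_paths - base_paths),
        "removed": sorted(base_paths - cur_paths),
        "modified": sorted(p for p in base_paths & cur_paths if baseline[p] != current[p]),
    }


def run_demo():
    """Constructed scenario: baseline a small tree, tamper with it, then re-check."""
    with tempfile.TemporaryDirectory() as root, tempfile.TemporaryDirectory() as store:
        files = {  # constructed sample tree
            "etc/hosts": b"127.0.0.1 localhost\n",
            "etc/motd": b"welcome\n",
            "bin/ls": b"not really a binary\n",
        }
        for rel, data in files.items():
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as f:
                f.write(data)
        baseline_path = os.path.join(store, "baseline.json")  # "off-host" copy
        save_baseline(build_baseline(root), baseline_path)

        # Simulate drift: one file changed, one removed, one new.
        with open(os.path.join(root, "bin", "ls"), "ab") as f:
            f.write(b"appended bytes\n")
        os.remove(os.path.join(root, "etc", "motd"))
        with open(os.path.join(root, "etc", "new.conf"), "wb") as f:
            f.write(b"setting=1\n")

        return compare(load_baseline(baseline_path), build_baseline(root))


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=1))
```

The baseline is only as trustworthy as where it is stored: if it lives on the machine being checked, whatever modifies a file can modify the baseline to match, so write it to read-only media or to a separate trusted machine, which is also where the comparison should run.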

Spread trust by improving other systems on the network. If they are less likely to be hostile, that reduces the internal threat, which is a good and positive thing.

OLD TEXT

This is done by improving trust as much as possible, lowering trust only as much as needed to accomplish useful tasks, isolating distrust, and checking trust. The aim is to have, and to maintain, as much reason as possible to find a computer worthy of being trusted. This doesn't mean naively trusting a machine no matter how badly it may already be infected with malware. The focus isn't necessarily on having trust, but on maximizing the amount of good reason why a machine is worthy of being trusted to a high degree (including raising the degree that the machine may be worthy of). The goal of this guide is to provide some directions that will help a technician improve how trustworthy a machine may be, keep as much reason as possible to continue trusting that machine, limit the losses caused by distrust, and be able to trust a machine to a greater degree.

Isolating Distrust

The key step is to isolate distrust, including potential distrust in case actual distrust ends up occurring. In addition to preventing distrust as much as possible, isolate the consequences that occur if certain trust becomes compromised (or is already compromised).

Certain things can lower the amount of trust in a machine. One example is finding out that the machine is behaving undesirably because it has clearly been taken over by malware. Another example of an action that may lower how much a machine is trusted is giving an additional, perhaps less trustworthy, person access to the machine.

Eliminating distrust may sound desirable, but there are often problems with that goal.

Status: This guide is not yet complete.

The Goal

The goals of this guide are to get all machines on a network running trusted code, to have appropriate barriers between them, to be able to rapidly turn a machine with less trusted code into a machine that has trusted code, and to be able to test trust.