Webconverger unlike Windows for example does not require:
- a Firewall
- opensource software
- no super user
- always clears private data once a session is ended
- does not store local data (live read-only session by default) a.k.a. defence in depth
- does not require any signup or registration
ISO-based releases are read-only and gain additional security since a reboot always returns the system to a known good state.
From Webconverger 15 release notes Webconverger has the new ability to stay automatically upto date and patched on installed versions. We are working to make upgrades apply quicker than the typical two boot cycle it requires currently.
- Update pushed on Wednesday morning GMT
- A machine that has booted after that push, fetches that update, for a example a machine in the states
- A subsequent reboot of that machine (assuming it's turned off at night) will apply that patch, typically Thursday PDT morning
about:in the URL bar can verify which git revision that client is running
We can support Enterprise IT administrators looking to finely tune updates and test updates before rolling them out.
Webconverger welcomes security review. Please email security AT webconverger.com with your findings.
Could reviewers please practice responsible disclosure.
- Webconverger is a member of the Open Source Computer Emergency Response Team
- Review by Andrew Patrick, Ph.D. of the Information Security Group of the National Research Council Canada
Surf with SSL to protect yourself from eavesdropping
When you surf the Web in several cases your browsing connection can be intercepted.
That's if the attacker can get inbetween you and your favourite Website. So who could be in between your connection and say this site Webconverger.org?
Eavesdropping is most common with unsecured Wireless. This attack typically occurs at the very first stage on your access point.
To mitigate this risk use SSL. An encrypted SSL connection is denoted by a yellow coloured URL bar. So for example instead of visiting:
A more secure & simple way to protect from eavesdropping is to visit instead:
Malware present on hacked sites has increasingly become an issue. To close one vector of attack, we have set up Webconverger's temporary files to not be executable by creating a new filesystem just for tempfiles and optioned with noexec.