So, you are totally fed up, your computer is always being infected with Viruses, Malware, Spyware, Trojans, Adware and pop-ups are driving you crazy, and you want to make sure that no one can possibly spy or hack into your computer ever again. You want to start fresh and barricade your computer from all threats.
Are you SURE? Let’s see what it would take to truly accomplish an “unhackable” computer, then you can tell me after you read this article.
I am going to explain what is called an AIR GAP. An AIR GAPPED computer is physically isolated from the internet. You can air gap a single computer, or have a network of computers, and the entire network, and all computers on the network, are isolated from directly communicating with the internet. There are a few ways of doing it, the following method is just one possible way. This is by no means exhaustive, this is only intended to give you an idea of what would have to be put in place.
I am also going to assume you are hyper paranoid, not only about hackers, etc., but also about being spied on by your friendly government agency…why else would you go to this extreme?
First, you will need to purchase a brand new computer, using cash, at a physical store location, for example WalMart. No credit cards, no shipping, no paper trail other than a cash receipt.
Find a friend willing to help you with this next step. Bring your computer over, and briefly connect it to their network. Yes, initial set up is unavoidable. You still need to download updated drivers, and register your copy of Windows. You can use made up information if you like. Only install software that you absolutely need. Disable Auto Run functionality in Windows, and use Whole Disc Encryption to make sure only you have access to your data.
From this point onward, your machine will never be on the internet again.
Installing any software in the future will have to be done via CD, USB, or other removable media, and copied to your air gapped computer.
Avoid using PDF or WORD documents unless necessary, as they can potentially have harmful macros embedded in them. For further protection, you will also want to disable macro functions on your computer. Regular plain old .txt files are best.
Only use media that you know, for example CD or USB stick that you have purchased yourself. This way you know the source where it came from. I personally prefer USB because in my opinion, optical media is all but obsolete, when you write to it, erasing it can be quite a chore, and securely disposing of optical media isn’t fun. Other experts, like Mr. Bruce Schneier, for example, do like optical media (as he recommends in his article), because you can hear any write activity on the drive, as if a virus is writing additional data without your knowledge, you can hear the drive whirr up, among other reasons.
Find a 512MB or 1GB flash drive. Any time you transfer data to or from your computer, you want to use the smallest capacity medium possible to prevent malware from adding any unwanted data to piggy back a ride.
There you have it. A basic air gapped computer. Fun huh? Are you really ready to go to that extreme?
P.S… now for the bad news. This still isn’t 100% guaranteed. Air Gaps have been breached in the past, but it is as close as the average individual can come to an “unhackable computer.”
Another option (among many others) is installing a Linux Live CD on a USB Flash drive, booting only from the USB Flash drive whenever you want to use your computer. For example, Ubuntu, making a bootable “USB Stick“.
I hope you found this article interesting. Feel free to visit me at DrTech.co