Wednesday, September 6, 2017

Using a dual-PC system for security

Rev 9/25/17 (see Revisions)


If you trust software entirely to isolate data from the internet, you trust people in general too much. You should assume that if it's technologically feasible to spy on you, it's being done, no matter how low and seemingly pointless it is. (Snowden: "What's more shocking is the dirtiness of the targeting. It's the lack of respect for the public and for the intrusiveness of surveillance.") Maybe you just don't think that anyone would want to access your data, which only indicates that you don't understand Big Brother's motives, in which case you should study 1984 (which is loosely based on an aspect of our actual government, but enough on that). For example, if you keep a to-do or to-get list on a Windows PC, you might find that these goals are often frustrated.

So, instead of trying to isolate data from the internet via software, I isolate it electromagnetically, by using a "secure" offline mini-PC for everything that doesn't require internet access. This PC has no internet connection, internal storage (i.e. SSD, HDD, or nonvolatile memory other than the traditional tiny "BIOS memory") or wireless capability of any kind (to prevent the OS from surreptitiously activating it in burst-mode, which is a reality - just Google "wifi burst mode"), and it runs various types of Linux non-persistent flash-drive installations which don't retain data upon shut-down. [1] For storage, I use physically tiny encrypted flash drives which can be hidden anywhere. (Linux can encrypt regular flash drives and even micro-SD cards, which can store vast amounts of data and transfer it at phenomenal speed.)

Washington Post reporter Dana Priest investigated post-9/11 surveillance capabilities and concluded that using such an "air gap" PC is necessary for secure communications - it would be used for composing and encrypting messages, and decrypting and reading them. This way, the unencrypted messages are electromagnetically isolated from the internet, instead of being supposedly isolated via software provided by Big Bro Inc., and only the encrypted versions are allowed onto internet-connected devices. (Supposedly secure platforms such as iPhones might be secure, but the average person can't be certain.) You could use a simple symmetric encryption program known as Ccrypt to encrypt and decrypt messages, but since it uses the same password to encrypt and decrypt, password security is a challenge. Linux also makes it relatively convenient to use public/private-key encryption with such a setup, in which case the weak link is the recipient - test them by feeding them a supposed secret and watching what they do with it.

I switch a keyboard/touchpad and a monitor between my online and offline PCs with a cheap KVM switch. (The keyboard must be wired-only. Bluetooth isn't secure, as can be seen by Googling "hacking Bluetooth." Don't trust any assurances that the power levels are too low to detect beyond a few feet.) I wouldn't switch a printer between online and offline PCs because printers contain RAM which I just assume hackers could access via the online PC. If the power to the printer were turned off to erase the RAM after printing something with the offline PC, then it would be secure. (Don't just turn it off - unplug it, or the equivalent.)

So, my system doesn't rely completely on software for security, and I don't bother to update the online installation because the only sensitive data on it are some passwords (which I change periodically, and which are stored and processed with mature, relatively simple software) and financial transactions, which don't rely on the OS for security. I just replace my installations completely every couple of years to stay reasonably current. (Try ignoring Windows updates, or keeping Windows up-to-date without a high-speed internet connection. My Windows LAPTOP - not just the OS - died immediately after an "update," so it would seem that there's more to Windows' "updates" than we're told. Some claim that Windows "updates" are a way for Big Bro to keep up-to-date on what we've been doing with our PCs while offline. It's technologically feasible, so you can't rule it out.)

Not having to constantly worry about security is a big relief, and using a dual-PC system provides more trustworthy security at a lower price than Windows can provide at any price.

Such a dual-PC system isn't necessarily expensive, thanks partly to the fact that Linux costs only what you care to donate to the developers, unless you use Red Hat Enterprise Linux. There will soon be mini-PCs with AMD's new Raven Ridge APUs, which provide a lot of processing power per watt at a lower cost than Intel's similar products. A lot of the peripheral circuitry is on-chip, which will help to reduce the size and cost of the mini-PC. Although they won't be cheap at first ($250 per APU, according to what I've read) due to demand, they'll have the effect of reducing the cost of older models.

> Linux permissions & creating encrypted partitions

Linux newbies should be warned about the Linux permission system, even if they don't intend to use it to anything near its full potential. If you intend to create and use encrypted drives, the default permissions on the drive will create problems if you try to use the encrypted drives on certain other types of Linux. So, if you want to be able to use the drive on any variety of Linux, you need to set the permissions on the drive so that any type of Linux can create and delete files, and the permissions on the files so that any type of Linux can read them and write to them. Only the "owner" can change permissions, so you'll have to change the permissions with the installation which was used for formatting the drive or for creating the file of interest. When you add a file to an encrypted partition, you should set its permissions to allow any type of Linux to read it and write to it. (Right-click on the file, select Properties, then Permissions, etc.) If you just copy a file from place to place, the copy will retain the permissions of the original, except when copying from encrypted drives to FAT drives, the latter of which have no permission system.
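The same permission fix, done from a terminal instead of the Properties dialog, as an added example that is not part of the original post. The underlying cause of the problem described above is that a Linux file system records the owner as a numeric user id, and a different distribution (or a different live session) may give you a different number, so you no longer count as the owner; the post's workaround is to let everyone read and write. The script assumes the encrypted volume is already unlocked and mounted at the path you pass in; the temporary directory at the bottom is constructed only to demonstrate the before/after. The trade-off, which is acceptable on a single-user offline PC, is that any account on whichever machine mounts the volume can then change the files.

```shell
#!/bin/sh
# Added example (not the post's own code): make a mounted encrypted volume usable
# from any Linux installation, whatever numeric user id that installation gives you.
# Assumption: the volume is unlocked and mounted at the directory passed as $1.

# Directories need rwx for everyone (x = may enter, w = may create or delete entries);
# regular files need rw for everyone. Symlinks and special files are left untouched.
open_perms_for_any_distro() {
    mountpoint="$1"
    [ -d "$mountpoint" ] || { echo "not a directory: $mountpoint" >&2; return 1; }
    find "$mountpoint" -type d -exec chmod 0777 {} +
    find "$mountpoint" -type f -exec chmod 0666 {} +
}

# Check after copying files in from elsewhere (copies keep the source's permissions).
# Prints every directory/file that is not yet world-writable; returns 0 when clean.
check_perms_for_any_distro() {
    offenders=$(find "$1" \( -type d ! -perm -0777 -o -type f ! -perm -0666 \) -print)
    if [ -n "$offenders" ]; then
        printf 'not usable from another distro:\n%s\n' "$offenders" >&2
        return 1
    fi
    return 0
}

# --- constructed demonstration on a throw-away directory (not a real volume) ---
demo=$(mktemp -d)
mkdir "$demo/notes"
printf 'buy milk\n' > "$demo/notes/todo.txt"
chmod 0755 "$demo/notes"          # the usual defaults: others may read,
chmod 0644 "$demo/notes/todo.txt" # but only the owning user id may write

if check_perms_for_any_distro "$demo" 2>/dev/null; then
    echo "unexpectedly clean before the fix"
else
    echo "before: only the original owner could write"
fi
open_perms_for_any_distro "$demo"
check_perms_for_any_distro "$demo" && echo "after: usable from any distro"
rm -rf "$demo"
```

Run it once per volume after formatting, and again after copying a batch of files in; the check function is the quick way to confirm nothing was missed before the drive goes to the other PC.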

To create an encrypted (LUKS) partition, use the Disks utility, and first create a FAT partition where you want the LUKS partition, then reformat it as LUKS. (Linux formats use more space for "overhead" than FAT uses, so you might want to compensate by making the FAT partition larger than you need the LUKS partition to be. If you want the drive to have a FAT partition which can be read with Windows, make it the first partition, or Windows won't be able to find it, and test it on a Windows PC to be certain that Windows can find it.) Before creating a LUKS partition, be sure that you will have a way to remember the passphrase if it slips your mind. A good passphrase has a certain minimum number of characters, including upper and lower case letters, numbers, and symbols. It should be easy to remember but impossible to guess, and it helps if it's associated with a vivid image, such as "1/4"x4'x8'GradeX." It doesn't have to be easy to type - you could enter it once, save it in a clipboard-app, and paste it whenever you need it.

As far as I know, the best way to erase a LUKS partition on a USB flash drive is to use a USB-installer (see Note 1, para. B) just to format the drive, which takes just a few seconds. (Regular format utilities might appear at first to have the power to erase LUKS from a USB flash drive, but if you try to use them for this, you'll find that they don't.) So, you'd start the installation process, and stop it after a few seconds. Then you could format the drive with a regular format-utility such as GParted (which can't create LUKS partitions) or Disks, both of which, as I recall, can erase LUKS partitions from SD-cards.
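The command-line counterparts of the two procedures above (creating a LUKS partition and erasing one), plus a check for the passphrase rule of thumb, as an added example that is not part of the original post. The post uses the Disks utility and a USB installer; this script uses `cryptsetup`, `mkfs.ext4` and `wipefs` instead, which do the same jobs on any Linux. The minimum passphrase length of 12 is an assumption (the post gives no number), the device path is a placeholder you must replace after checking `lsblk`, and the destructive functions only run when `LUKS_DEVICE` is set explicitly, so the script is safe to run as-is to try the passphrase check.

```shell
#!/bin/sh
# Added example (not the post's own code). Part 1: passphrase check following the
# post's rule of thumb. Part 2: cryptsetup equivalents of "reformat as LUKS" in
# Disks and of erasing LUKS from a flash drive. Device paths are ASSUMED placeholders.

MIN_PASSPHRASE_LEN=12   # assumed minimum; the post does not state a number

# Returns 0 when the passphrase has the minimum length plus upper case, lower case,
# digits and symbols; otherwise names the first failing rule on stderr and returns 1.
check_passphrase() {
    pw="$1"
    [ "${#pw}" -ge "$MIN_PASSPHRASE_LEN" ] || { echo "too short (< $MIN_PASSPHRASE_LEN)" >&2; return 1; }
    printf '%s\n' "$pw" | LC_ALL=C grep -q '[[:upper:]]'  || { echo "needs an upper-case letter" >&2; return 1; }
    printf '%s\n' "$pw" | LC_ALL=C grep -q '[[:lower:]]'  || { echo "needs a lower-case letter" >&2; return 1; }
    printf '%s\n' "$pw" | LC_ALL=C grep -q '[[:digit:]]'  || { echo "needs a digit" >&2; return 1; }
    printf '%s\n' "$pw" | LC_ALL=C grep -q '[^[:alnum:]]' || { echo "needs a symbol" >&2; return 1; }
    return 0
}

# Equivalent of Disks' "format as LUKS": seal the partition, open it, put a file
# system inside, close it. cryptsetup prompts for the passphrase and a confirmation.
luks_create() {
    dev="$1"    # e.g. /dev/sdX2 (placeholder; the partition created first as FAT)
    name="$2"   # name under /dev/mapper, e.g. secure
    cryptsetup luksFormat --type luks2 "$dev"
    cryptsetup open "$dev" "$name"
    mkfs.ext4 -L "$name" "/dev/mapper/$name"
    cryptsetup close "$name"
}

# Erasing LUKS without a USB installer: destroy every key slot (after which the data
# is unrecoverable even with the passphrase), then remove the LUKS signature so
# ordinary partitioning tools see a blank device. Both commands ask for confirmation.
luks_erase() {
    dev="$1"
    cryptsetup erase "$dev"
    wipefs --all "$dev"
}

# --- demonstration of the passphrase check (the post's own example passphrase) ---
SAMPLE_GOOD="1/4\"x4'x8'GradeX"
SAMPLE_WEAK="gradexplywood"
for pw in "$SAMPLE_GOOD" "$SAMPLE_WEAK"; do
    if check_passphrase "$pw"; then
        echo "accepted: $pw"
    else
        echo "rejected: $pw"
    fi
done

# Only touch a real device when asked to, e.g.:  LUKS_DEVICE=/dev/sdX2 sh luks.sh
if [ -n "${LUKS_DEVICE:-}" ]; then
    luks_create "$LUKS_DEVICE" "${LUKS_NAME:-secure}"
fi
```

`cryptsetup erase` removes the key material from the header; `wipefs` then removes the signature that makes GParted and Disks recognise the partition as LUKS, which is why those tools alone appear unable to get rid of it.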

> If you need Windows

If you need special hardware or software, you might still need Windows, in which case you could have a third PC or use one of the PCs for both Windows and Linux. In this case, I recommend keeping them on separate drives - I bought a cheap Acer Windows 7 PC and added an HDD for Linux, which I use mainly as a PVR in conjunction with an HDHomerun tuner - the software required to interface with the HDHomerun is available from the Linux repositories, listed under HDHomerun. (The VLC Player, which is included with many varieties of Linux, provides the rest of the functionality required for a PVR, although I recommend creating a bunch of batch files to perform some of the steps involved in starting a recording, as described in an earlier entry in my blog toggwu.blogspot.com. If you want something to automatically record TV programs, you'll probably end up wanting a DVR.) I use a rotary switch which I added on the back of the PC to switch the power to one HDD or the other. (This is not the recommended approach in general, but I've never had any problems with it. To be on the safe side, you just have to be sure that the PC is off before flipping the switch.) I can also switch both HDDs off, and boot the PC from the USB ports with flash-drive installations. (When I boot from a flash drive, and then switch to Windows, Windows tells me that it has to perform a "repair" procedure, which is just an attempt to scare us away from using Linux. I once let it run its course, and even stopped it and restarted it, which is taboo, and it supposedly couldn't repair "the problem." On a lark, I rebooted, and had no problems, and haven't in years since then. Windows can tell when I boot the PC from a USB port by examining the BIOS memory, which retains an indication of the port used previously for booting, and only Linux boots from a USB port. What it doesn't know is that the Windows drive was off when Linux was running, and that there is no way it could have damaged the Windows installation.)
I've used Windows 7 in an offline mode for years without updating it, so I'd never consider using it to access the internet. I'm not sure whether this could be done with Windows 10.


Notes

[1] Suppose that you just have a no-OS mini-PC at home, and want to run Linux on it. To obtain "bootable" copies of Linux (copies which you can run on PCs), and the ingredients required to create additional bootable copies in case the need should arise, I'd take the following items to a library:

A) A flash drive for storing a Linux "ISO." An ISO is a type of archive-file which is used for various purposes, including for distributing Linux via the internet. The largest ISO I've seen lately is on the order of 2.5 GB, although I have seen them as large as 4GB.

B) A flash drive or two to turn into bootable flash drives (not for storing data). A bootable flash drive is made by copying a Linux ISO to the flash drive with a "USB installer" program, such as the Windows program known as Rufus. Bootable flash drives are used by plugging them into a compatible PC (chances are that any recent type of Linux is compatible with any recent PC, although Mint has been known to have compatibility issues, which are beyond the scope of this note). The PC is then started, hopefully causing it to boot from the flash drive. (If there's an internal drive, I'd disable it by disabling the SATA controller via the "BIOS"-settings menu before trying to boot with a flash drive. You could also change the boot-order so that the PC would first try to boot from a USB port. Likewise, I'd remove any bootable DVDs from the PC's DVD drive, which is easier than changing the boot order.) I'd plug the boot-drive into the rear of the PC to avoid accidentally unplugging it while the PC is running, which would require rebooting and perhaps cause some work to be lost.

C) A blank DVD to turn into a bootable DVD, to use for booting the PC if all of my bootable flash drives were to die, or if I wanted to create a full installation on an internal drive. To create a full installation, you'd boot from the bootable DVD and then select the install option. Bootable flash drive installations don't always work for this - you might get all the way through the installation process, and then when you try to boot the PC from the HDD/SSD, discover that the PC can't find the supposed installation. I'd take a couple of extra DVDs to the library in case something goes wrong.

When you arrive at the library with these items, download the Linux "desktop" ISO of choice to the Windows PC's Downloads directory and then send a copy to your flash drive. (Mint Cinnamon or Mint Mate, from linuxmint.com, are good for starters due to their selection of software, and the 64-bit versions will probably run on almost any recent PC.)

To create a bootable DVD, put a blank DVD in the PC's DVD-drive, right-click on the ISO, and make the selections required to copy it to the DVD "as image," which copies the CONTENTS of the ISO to the DVD, resulting in a bootable DVD. Copying "as data" or "as file" will create another copy of the ISO, which isn't bootable.

To create a bootable flash drive, download a copy of the USB-installer known as Rufus, and plug a flash drive that you want to turn into a bootable flash drive into the PC (unplug your data-drive to avoid installing Linux over the data). Start Rufus, tell it to use an ISO as the source, point it to the ISO you just downloaded, and then start the installation-process. Rufus might need to update itself, but this is typically quick and easy, although you'll have to keep copies of the update-files for home use and keep them in a directory with Rufus so that it can find them when it tries to update itself offline.
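The Linux equivalent of the Rufus step, with one check the post does not mention, as an added example that is not part of the original post: before writing the ISO to a flash drive, compare its SHA-256 with the entry in the sha256sum.txt file that Mint publishes alongside its ISOs (Mint also publishes a GPG signature for that file; verifying it is worthwhile but outside this snippet). The ISO and device names are placeholders; the tiny "ISO" and checksum file built at the bottom are constructed only to show the check passing and then failing after a byte is changed. As with Rufus, the data drive should be unplugged first; the function also refuses to write to a device that is currently mounted.

```shell
#!/bin/sh
# Added example (not the post's own code): verify a downloaded ISO against a
# sha256sum.txt file, then copy it to a flash drive with dd. Device and file names
# are ASSUMED placeholders; writing only happens when BOOT_DEVICE is set explicitly.

# Look up the ISO's file name in the checksum file (lines look like
# "<hex>  <name>" or "<hex> *<name>") and compare with the file's actual SHA-256.
# Returns 0 on match, 1 (with a message on stderr) on mismatch or missing entry.
verify_iso() {
    iso="$1"; sums="$2"
    name=$(basename "$iso")
    expected=$(awk -v f="$name" '{ n = $2; sub(/^\*/, "", n); if (n == f) print $1 }' "$sums" | head -n 1)
    [ -n "$expected" ] || { echo "no entry for $name in $sums" >&2; return 1; }
    actual=$(sha256sum "$iso" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] || { echo "checksum mismatch for $name" >&2; return 1; }
    echo "checksum ok for $name"
    return 0
}

# Write the ISO to the WHOLE device (e.g. /dev/sdX, not /dev/sdX1), exactly as a
# USB installer does, but only after the checksum passes and only if nothing from
# that device is mounted (so a plugged-in data drive cannot be overwritten by mistake).
write_boot_drive() {
    iso="$1"; dev="$2"; sums="$3"
    verify_iso "$iso" "$sums" || return 1
    if mount | grep -q "^$dev"; then
        echo "$dev has mounted partitions; unmount them first" >&2
        return 1
    fi
    dd if="$iso" of="$dev" bs=4M status=progress conv=fsync
}

# --- constructed demonstration with a fake ISO (a few bytes, not a real image) ---
demo=$(mktemp -d)
printf 'not a real ISO\n' > "$demo/linuxmint-example.iso"
( cd "$demo" && sha256sum linuxmint-example.iso > sha256sum.txt )
verify_iso "$demo/linuxmint-example.iso" "$demo/sha256sum.txt"
printf 'x' >> "$demo/linuxmint-example.iso"       # simulate a corrupted download
verify_iso "$demo/linuxmint-example.iso" "$demo/sha256sum.txt" || echo "rejected as expected"
rm -rf "$demo"

# Real use, e.g.:  BOOT_DEVICE=/dev/sdX sh makeboot.sh  (after checking lsblk)
if [ -n "${BOOT_DEVICE:-}" ]; then
    write_boot_drive "${ISO_FILE:-linuxmint-placeholder.iso}" "$BOOT_DEVICE" "${SUMS_FILE:-sha256sum.txt}"
fi
```

A checksum that does not match almost always means a truncated or corrupted download rather than tampering, but either way the image should not be booted, least of all on the offline PC that everything else in this setup is meant to protect.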

Another possibility, although less practical, is to purchase a bootable DVD from OSDisc.com and create an ISO from it using a Windows program known as "CD Burner XP," or a Linux burner program known as Brasero. In the latter case, you'd probably need two DVDs - one for booting and the other to use as the data source - and two DVD drives. Then you could use the ISO and the USB installer supplied with Mint to create bootable flash drives.


Revisions

9/7/17 - Added material to the end of the 1st paragraph and revised the beginning of the 2nd paragraph.

9/9/17 - Essentially rewrote everything and added a lot of stuff.

9/10/17 - A) Added parenthetical passage in 1st paragraph. B) In 2nd para., might have tweaked passage on wi-fi burst mode. C) Tweaked last sentence in 4th para. D) Heavily revised paragraph beginning with "So, my system doesn't totally rely on software," for clarity. E) Deleted superfluous sentence from end of paragraph beginning with "Not having to constantly worry...." F) Tweaked 1st sentence in 2nd para. in Note 1.

9/11/17 - A) Rewrote Note 1. B) Added section entitled "> Linux permissions & creating encrypted partitions." C) Added heading "> If you need Windows" and added a recommendation in that section to create batch files for starting recordings with the HDHomerun tuner. D) Added Snowden quote to 1st paragraph. E) Revise 3rd paragraph for clarity, and mentioned that recipients of confidential information are typically the weak links.

9/12/17 - A) Added "(see Note 1, para. B)" and tweaked para. B because previous version might have given the impression that all USB-installers run on Windows. B) Revised last half of 3rd para. C) Revised beginning of 5th para.

9/13/17 - Revised 2nd sentence of 2nd paragraph to include nonvolatile memory as a form of internal storage. There are plans for new types of CPUs with built-in nonvolatile RAM which will revolutionize computing (such as by allowing instant-on portable devices with blazing speed), but pose a security problem, although the NV RAM would be encrypted. Perhaps it will be possible in certain cases to make the portion with NV RAM removable so that it can be physically secured.

9/25/17 - A) Fixed sentence which now begins with "So, my system doesn't rely completely on software for security,..." B) Clarified paragraph which begins with "To create an encrypted (LUKS) partition," C) Revised Note 1, parts A, C, and the paragraphs beginning with "To create a bootable...."