A reader of Red Teams recently asked:
Hi, I am Nilesh from India. I just want to ask you: how do you follow minimalism in an infosec career? I am also into infosec (student). I am overwhelmed by countless tools: which tools to keep installed and which not. Please help.
Can you please answer some questions? 1. How do you manage ebooks, books on security sub? 2. How do you manage tools (my laptop is full of tools)? I want to clean.
Please suggest any minimalist ideas to organize my study. (I would like to read it if you write a post for infosec guys.)
Thank You,
Nilesh.
Nilesh, thanks for the question. It is indeed a good one, and there is no single answer here. I can tell you what I do and how my system works, but ultimately you have to find your own system. What works for me might not work for you.
First of all, let me start by saying that this is not an easy task. You have to be on top of it all the time, otherwise it is very easy for your computer to accumulate digital clutter.
My system uses a set of different directories that help me organize and get rid of things and a set of scripts that I wrote that do the hard work. On top of that I like to use very simple applications that are usually single tasked (they perform only one task, extremely well).
So, let’s see.
Files organization
I created 4 directories in my Home directory: imp/, out/, src/ and tmp/.
I also have the default Downloads/ and Documents/ that come with Mac OS X.
imp/ stores the important files that I need for my current projects. Inside imp/ I create a subdirectory with the name of each project and place the project-specific files there. Once a project is finalized, all its files are archived on an external drive (which is cleaned once a month; projects older than 2 years are wiped clean). This directory also contains the databases for my password manager (1Password), my note taking app (Notational Velocity) and some other really important files such as encrypted volume drives for sensitive projects and my PGP files.
out/ stores the documents I need to email, copy to an external drive or otherwise extract from the computer such as a copy of the report after a project is finished, a copy of source code for an app that I need to send to a friend, etc. This directory gets cleaned once a week by a CRON job I created (it runs a BASH script that cleans files older than a week). Only the files for the current week will be stored in there. I also manually delete a file if I already sent it out.
src/ stores, like the name says, the source code for apps, scripts, tools, etc. This directory gets cleaned manually when I remember. The reason for this is that it doesn’t take a lot of space and it’s good to have all that source code for reference. It has saved me a lot of time when writing new tools, which are usually single tasked apps.
tmp/ is a hard link to the system’s /tmp directory. I store here everything that is temporary such as files I am reviewing, pictures people send me, notes I take that I don’t want to keep, etc. The directory gets cleaned by a CRON job I created (using a BASH script) or by the system itself when it is either rebooted or at sporadic intervals. If I am worried that a file might get deleted then I save it to the Downloads/ directory instead.
Downloads/ contains apps that I downloaded, documents that I downloaded and pretty much anything that I download and want to keep for a day or two. The directory gets cleaned twice a week by a script.
Documents/ contains 3 subdirectories: books/ papers/ etc/. books/ contains my digital books for information security, pentesting, networking, protocols, OS reference, programming, etc. This directory gets cleaned manually when I finish a project. If I find a book that I don’t need for the project I delete it. I have an external disk that contains all the books I own so if I need them in the future I can get them from there. papers/ has documents with information I need that are not books, so if someone wrote a paper about alternate egress channels and I need it for a current project it will be stored here. As with books it gets cleaned when I finish a project. etc/ has anything else that I might need for reference.
All this organization might sound complex but it’s not. Because most of the cleaning is done by my scripts, I don’t have to think too much; and since I’ve been using this system for several years it is easy to remember what to place where. Once you have found a system that works for you and you start using it, it’ll become second nature to you.
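The cleanup jobs described above for out/, tmp/ and Downloads/ can be reduced to one small function run from cron. This is an added example, not the author's own scripts; the script path, the schedule and the retention values for Downloads/ and tmp/ are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not the author's scripts: age-based cleanup for out/,
# Downloads/ and tmp/. Retention for Downloads/ and tmp/ is assumed.

# purge_old DIR DAYS [--dry-run]
# Removes regular files under DIR that belong to the current user and were
# last modified more than DAYS days ago. Prints every path it removes, or
# would remove with --dry-run.
purge_old() {
    local dir=$1 days=$2 mode=${3:-}
    # Accept only absolute paths with at least two components, so an empty
    # or unset variable cannot turn the call into a sweep of "/" or "/Users/".
    case $dir in
        /?*/?*) ;;
        *) echo "purge_old: refusing path '$dir'" >&2; return 2 ;;
    esac
    # The age must be a plain non-negative integer.
    case $days in
        '' | *[!0-9]*) echo "purge_old: bad age '$days'" >&2; return 2 ;;
    esac
    [ -d "$dir" ] || return 0   # nothing to clean
    # Build find's action list: always print, delete unless dry-running.
    set -- -print
    if [ "$mode" != "--dry-run" ]; then set -- "$@" -delete; fi
    # The trailing slash resolves DIR itself when it is a link (tmp/ -> /tmp).
    # find does not follow links it meets below that point, -xdev keeps it
    # on one filesystem, and -user leaves other accounts' files in a shared
    # /tmp alone. -type f skips directories, links and sockets.
    find "$dir/" -xdev -type f -user "$(id -u)" -mtime +"$days" "$@"
}

# Cron entry point. Example crontab line (script path and schedule are
# hypothetical):  0 9 * * 1,4  "$HOME/bin/cleanup.sh" run
if [ "${1:-}" = "run" ]; then
    purge_old "$HOME/out" 7         # the post: files older than a week
    purge_old "$HOME/Downloads" 2   # assumed from "a day or two"
    purge_old "$HOME/tmp" 1         # assumed
fi
```

Running a directory through --dry-run first shows exactly what a given age would remove before anything is deleted.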
Now, applications. I only have 5 applications that stay on my laptop:
Those stay on my laptop because I use them constantly. I need other apps but those get installed, used and then deleted when I don’t need them anymore. For example 0xED, a hex editor for Mac. It’s a great app but I don’t use it all the time. I have it on one of my external drives where I keep apps that I might need.
That’s how I manage applications. If I don’t use an app every day, it is out. If I use it often enough then it is saved on the external drive, otherwise I download it again whenever I need it.
I hope this helps. It’s not as minimal as you might think, but since simplicity and complexity complement each other, this seemingly complex method makes my working day really simple.