VEHICLES : Physical Devices

Hardware Separation for Compartmentalisation

Hardware separation can be approached in two ways:

1. Dedicating a single device to a specific CAR.
2. Spreading CARS across multiple shared devices.

Each approach has its strengths, challenges, and appropriate use cases depending on privacy needs and practical limitations.

---

Dedicating a Device to a Specific CAR

The strongest level of isolation is achieved when each CAR is assigned its own dedicated physical device. This 1-to-1 ratio ensures complete separation of activities, significantly reducing the risk of cross-contamination or accidental data leaks.

Challenges of Dedicated Devices:

• Practicality: Managing and storing a large number of devices can be cumbersome.
• Cost: Purchasing and maintaining multiple devices is often cost-prohibitive.
• Maintenance: Keeping software updated and addressing end-of-life issues when devices are no longer supported can be a burden.
• Portability: Transporting multiple devices, especially for those on the move, adds complexity.

Despite these challenges, dedicated devices offer:

• Enhanced Security: Specific devices can be configured for maximum privacy and security for sensitive activities needing extreme privacy.
• Flexibility: Certain devices may better suit the unique needs of particular CARS, such as lightweight laptops for travel, or air-gapped computers for critical data management.

For those with extreme privacy needs or a strong requirement for strict separation—such as managing sensitive communications, secure financial operations, or working in adversarial environments—dedicated devices are a powerful tool for compartmentalisation.

---

Spreading CARS Across Multiple Devices

When managing a 1-to-1 ratio of devices is impractical, a more balanced approach is to spread multiple CARS across a few shared devices. This involves compartmentalising activities on the same device using software-based methods like virtual machines, encrypted containers, multiple user profiles, or isolated browsers.

Advantages of Spreading CARS:

• Cost-Effective: Reduces the financial burden of purchasing multiple devices.
• Manageability: Easier to store, maintain, and transport compared to a large number of dedicated devices.
• Portability: Allows you to carry fewer devices while maintaining separation between roles and activities.
• Flexibility: Certain devices may better suit the unique needs of particular CARS, such as lightweight laptops for travel, or air-gapped computers for critical data management

Challenges of Spreading CARS:

• Cross-Contamination Risk: Sharing a device between multiple CARS increases the risk of data overlap or leaks. Strict operational discipline and strong software compartmentalisation are required to mitigate this.
• Maintenance: As with dedicated devices, you must address updates, security patches, and end-of-life support for each device.

That said, spreading CARS across devices still offers greater flexibility. By selecting devices that align with the needs of specific roles—such as a secure laptop for work and a portable tablet for hobbies—you can optimise your setup without requiring strict 1-to-1 separation.

---

Choosing the Right Approach

• Dedicated Devices: Best suited for those with extreme privacy needs or critical activities where absolute separation is required.
• Spreading CARS: A practical compromise for most people, providing strong compartmentalisation while balancing cost, portability, and manageability.

By understanding the strengths of hardware separation and leveraging the unique capabilities of different devices, you can tailor your compartmentalisation strategy to suit both your privacy needs and lifestyle.

SUPPORT FOR OLDER DEVICES

Older devices that no longer receive official support can still be useful for hardware separation. While outdated operating systems pose risks, installing lightweight Linux distributions like Puppy Linux or Bodhi Linux can extend their lifespan. In the mobile world, projects like postmarketOS offer Linux-based alternatives for older smartphones, helping to counteract planned obsolescence by Big Tech companies. While some popular hardware has strong driver support, others may face limitations, so compatibility should be considered before repurposing device