April 25, 2025
Keeping tech free
It would seem the day of website defacements just for the heck of it are long past. I mean, that was so 1990s, right? Today’s hacker, the ones who have meaningful targets, are having a field day. Even the huge guard at the gate, Linux server space, has been knocked aside in order to gain passage.
I thought about ignoring this one and letting it slide, but it’s too priceless, too typically Microsoft, not to pass on. It seems that Redmond has been inadvertently infecting Windows computers with ransomware through its MSN website. Not to worry, however. The company is happy to hand you a tool to remove the malware, which is akin to locking the door after the horse is gone, as your files will by then be locked up tighter than a waterproof safe.
It always happens to someone else. Right? I mean, what are the chances it will happen to me? Or you? Be it winning the lottery or developing a debilitating disease. We all know someone who knows someone who…well, you know how it goes. It will happen to someone else.
And it did, two days ago. Across the street from me.
Claude and Jane are good folks. Both in their mid 70s. They live on their combined retirement funds and spend their time keeping busy with kids, grandkids, and from what I hear, a great-grandchild in a matter of months. They come over for coffee or tea at times, and we always see them at community center events. They are not well off by any standard, but they do okay…until last Saturday.
Your digital rights — do both your hardware and software respect them?
Because if they don’t, Purism might have the answer to this shortcoming.
At OSCON, Purism has on hand the Librem 13 and Librem 15 laptops – the numbers designating the screen size (13-inch and 15-inch, respectively) — which are both designed, chip-by-chip and line-by-line to respect your rights to privacy, security and freedom, which is Purism’s philosophy.
“We developed Purism so that users can have access to the highest quality computers without compromising these beliefs,” the Purism website states. “The founder of Purism developed the Philosophical Contract, that we all abide by, which was adopted from the Free Software Foundation, and expanded to include hardware manufacturing as it relates to software.”
Admin, News, Operating Systems and Security
We might as well start with the moral of this story: Don’t protect Windows with Windows.
For at least a decade, Microsoft has been chanting the mantra, “at Microsoft security is job one,” over and over and over. During this time, it’s repeated this mantra often enough to convince a lot of people that Windows is much safer than it once was, which I suppose is true since it couldn’t have gotten much worse. However, a new report from AV-Test proves the company isn’t yet ready to move up to the next mantra level and begin chanting, “at Microsoft we do security right,” because clearly it doesn’t.
Today I spent some time looking at a white paper issued by the security firm Symantec called Website Security Threat Report, which is basically a catalog of malware threats for the non-techie suits who control the purse strings for web facing server deployments — sort of a “here boss, this is why we have to spend so much money on security” type of thing. Most of it’s old news to those of us who, for whatever reason, follow tech news, but some of the trends noted by the folks at Symantec are interesting enough.
As a matter of fact, there’s a bit of sobering news for sites like FOSS Force, as again in 2014, technology sites top the list of the type of sites most likely to be exploited by cracker hackers, with the number on the rise. According to Symantec, last year tech sites represented 21.5 percent of sites infected by malware, up from 9.9 percent in 2013. Even more disturbing is that number two on this list are hosting sites, up from the number three position in 2013, with 7.3 percent of malware infected sites.
I recently offered some security tips aimed at new system administrators. And hey, the home users among you should take note, after all, you’re the administrator of your home system! One of the tips was “Don’t run as root.” Today I would like to expand on that a bit. First, we’ll take a look at why you should limit the use of your super powers. Then we’ll look at the best ways to use su and sudo to help you limit your risks.
Admin, News, Operating Systems and Security
Poor Microsoft. The beleaguered company just can’t catch a break. We’ve already told you about how Snowden’s revelations have forced the pride of Redmond to spend who knows how many millions opening two “transparency centers” to allow government IT experts to pore through source code to prove there’s no back doors baked into Windows or other Microsoft products. Trouble is, while its engineers have been busy plastering over all traces of old back doors, they’ve left a side door standing wide open, waiting to be exploited.
Ironically, this side door is intended to be a security door for third party add-ons that every Windows machine needs to keep it safe from cracker hackers — if that’s indeed possible. And this security tool is usually more trusted by Microsoft system admins, especially those outside the U.S., than Windows itself.
It’s generally fairly easy for new Linux administrators to get up and running with the basics of installing, configuring and managing Linux systems at a basic level. Truthfully, though, it takes years to get the in-depth knowledge required in many server environments today. One thing I really recommend learning early on — i.e. from the beginning — is security.
I participate in a group of professional penetration testers (the nice folks who help you test your security as if they were the bad guys) called Charlotte Hackers Anonymous. I asked the group what they thought were the most important tips for new system administrators, and below are their tips, along with my thoughts on each.
