* Posts by pc-fluesterer.info

52 posts • joined 23 Feb 2020

EU open source study highlights economic benefits but says Union is 'on the back foot' with industrial policy

pc-fluesterer.info
Devil

not easy

"... it's now up to the Commission to make it happen - and that will not be easy" - very true.

First you have to beat more than 6 Million US-$ from Microsoft left in Brussels last year. Plus the lobby expenses from other companies (Apple, F.c.book, Google, you name it).

https://www.youtube.com/watch?v=duaYLW7LQvg

Microsoft Azure deprecations: API changes will break applications and PowerShell scripts

pc-fluesterer.info
Alert

"why Microsoft is pulling the rug out"

Just a thought.

Perhaps MS found a severe security flaw that cannot be mended otherwise. Or they had built in a backdoor and have reason to fear that it could be (or is already) discovered by foreign "services" and other cyber-crooks.

Your turn.

Perl Foundation faces more departures after pausing Community Affairs Team

pc-fluesterer.info
Black Helicopters

Culmination because of anger at Covid-19 measures?

The recent year and a half imposed severe restrictions on all of us. They made us quite unhappy and angry. The problem is, there is no single one to blame. But the bad temper piles up. And the first person in the way serves as outlet for all the rage. In my communities, neighbourhood and the like I observe that regularly. :-( It's a pity really.

UK competition bods to keep tabs on Google, ensure 'Privacy Sandbox' doesn't distort competition

pc-fluesterer.info
Boffin

countermeasures:

1. NoScript. Spies such as doubleclick or optimizely I have closed down as "not trustworthy".

Without JS those evil third-parties can neither set nor request cookies. My list of untrusted domains is looong.

2. Cookie Autodelete.

I for one accept all cookies. As soon as I leave the site the cookies and other fingerprinting crap are deleted (except those on my whitelist). :-)

Good news for pentesters and network admins: US issues ransomware guidance asking biz to skill up security teams

pc-fluesterer.info
Coat

There is no glory in prevention

old proverb but alas still very true.

Huawei names first tablets, phones to run its Android-in-disguise HarmonyOS 2

pc-fluesterer.info
Megaphone

and MagicEarth

these two (MagicEarth and OSMAnd) are my favourite maps and navigation apps on LineageOS. Google? NEVER!

Apple is happy to diss the desktop – it knows who's got the most to lose

pc-fluesterer.info
Thumb Down

ridiculous - "Win10 ... is no more inherently vulnerable than Apple or Linux ..."

https://www.cvedetails.com/product/38/?q=linux

https://www.cvedetails.com/product/32238/?q=Windows+10

and that is only five years for win10!

Just two figures: code execution vulnerabilities

Linux - 50 in eleven years

Win10 - 468 in five years!

What's more, nearly all of the Linux vulnerabilities are only locally exploitable.

Thus, the claim repeated in the title is a very bold - and false - assertion.

pc-fluesterer.info
Happy

Linux updates burn zero time

Of course I use only LTS systems (debian, Mint, LMDE). All of them are automatically updated in background; very seldom I have to perform a few clicks. When I sometimes start my Win-10 VM - what a resources hog! Linux rules.

Cisco HyperFlex web interface has critical flaw that lets attackers get root and execute arbitrary commands

pc-fluesterer.info
FAIL

it's not a bug, it's a feature!

... for the three-letter-agencies.

If you have a QNAP NAS, stop what you're doing right now and install latest updates. Do it before Qlocker gets you

pc-fluesterer.info
FAIL

Hard-coded login credentials - ouch!

some may call it a backdoor.

I for one would never ever buy a NAS off the shelf, not from QNAP nor S...ology nor the rest of the gang.

After all, there is OpenMediaVault. You can install it on a RasPi and tailor it to exactly your needs. Mission accomplished.

10 years later, Chrome OS starts to look like a proper OS with hardware diagnostics and the ability to scan documents

pc-fluesterer.info
Thumb Up

use Linux

A "Linux based" OS - what's the use? You can employ Linux directly.

If you avoid xUbuntu you have no slurping at all.

Now it is F5’s turn to reveal critical security bugs – and the Feds were quick to sound the alarm on these BIG-IP flaws

pc-fluesterer.info
FAIL

USA network gear? Off-limits!

s/security bugs/backdoors/

1Password has none, KeePass has none... So why are there seven embedded trackers in the LastPass Android app?

pc-fluesterer.info
Megaphone

Re: "Cloud" and passwords

nothing to worry about if all content is encrypted client-side and the cloud stores it zero-knowledge. Go for Bitwarden (the FOSS version from f-droid).

pc-fluesterer.info
Flame

LogMeIn is owned by - uhm - Private Equity

https://www.globenewswire.com/news-release/2020/08/31/2086214/0/en/Francisco-Partners-and-Evergreen-Coast-Capital-Complete-Acquisition-of-LogMeIn.html

Linux Mint users in hot water for being slow with security updates, running old versions

pc-fluesterer.info
FAIL

how do you accomplish SAFE SURFING?

pls. tell us your secret. What is SAFE SURFING? A condom over the mouse? What else?

Cisco reveals critical bug in small biz VPN routers when half the world is stuck working at home

pc-fluesterer.info
Black Helicopters

"And tell your friends in small business to ..."

... NOT buy network gear from Cisco or any other US manufacturer. At least here in Europe we have trustworthy manufacturers producing clean gear: Bintec-Elmeg, Clavister, Lancom, MikroTik. Blessedly we are not forced to use network gear laden with backdoors for CIA, NSA, you name it.

Synology to enforce use of validated disks in enterprise NAS boxes. And guess what? Only its own disks exceed 4TB

pc-fluesterer.info
Devil

Starts with "S" and ends "ology" - what might that be?

Taking this into consideration, nothing astonishing.

Smartphones are becoming like white goods, says analyst, with users only upgrading when their handsets break

pc-fluesterer.info
Megaphone

go for a custom-ROM

Android? What Android? My Sony Xperia XA2 came with Android 8.1.

I swapped that for LineageOS 15.1.

Currently I am on LineageOS 17.1 (~Android 10.1) and get weekly updates. Nothing to worry about.

pc-fluesterer.info
Alien

that comes for a price ...

yes, and that comes for a price: Apple knows everything about you.

For Apple you are not just naked, you are transparent.

pc-fluesterer.info
Megaphone

replaceable battery: does indeed exist!

Fairphone (Dutch), Shiftphone (German), Librem 5 from Purism (US), ...

BeyondCorp Enterprise: Google's Chrome-shaped approach to 'cloud-native zero trust computing'

pc-fluesterer.info
Holmes

Zero Trust? Check!

Well, I know Zero Knowledge. But Zero Trust?

However, Zero Trust fits perfectly.

My Trust in the Chocolate Factory is not just Zero, it is way below.

It's 2021 and you can hijack a Cisco SD-WAN deployment with malicious IP traffic and a buffer overflow. Patch now

pc-fluesterer.info
Pirate

oh shit, another backdoor uncovered

who does believe this was not a backdoor?

Laptops given to British schools came preloaded with remote-access worm

pc-fluesterer.info
FAIL

Malware != vulnerability

not every malware relies on vulnerabilities. A vulnerability, if at all, you only need as part of an attack vector to infiltrate a system. But as well you can implement a RAT or whatever malware targeted and manually if you can get hold of the machine(s) in question. That doesn't employ a vulnerability.

OVH rises to Europe data sovereignty challenge (and AWS) with tape-as-a-service

pc-fluesterer.info
Flame

OVH - isn't that the source of many attacks?

OVH for me has a very bad taste. I run a website that is under attack frequently. XSS, SQL injection, malicious uploads, attempts to log in - you name it. My firewall logs the source of attacks; subsequently I block the entire address range of the provider concerned from future access.

About 10% of all attacks (worldwide) stem from OVH!

A very respectable provider ... :-(

What happens when a Chrome extension with 2m+ users changes hands, raises red flags, doesn't document updates? Let's find out

pc-fluesterer.info
Megaphone

alternatives

not a fork, but alternatives. Brought to you by the chocolate factory: https://chrome.google.com/webstore/detail/the-great-suspender/klbibkeccnjlkjkiokjodocebajanakg?hl=en ((scroll down to "related"))

pc-fluesterer.info
IT Angle

MX Linux is based on debian too

here applies the same as for LMDE (see other post): They rely on debian supplying 32-bit still, which in turn relies on the kernel development of course. But if sometime in the future Linux will drop 32-bit support you can still move to xBSD. :-)

pc-fluesterer.info
Megaphone

go for LMDE

LMDE still is available 32-bit.

Alas it comes with cinnamon which is a resource hog - not particularly apt for weak HW. :-)

But fear not, you can easily install a slim DE such as MATE or XFCE.

BTDT.

LMDE will remain available 32-bit as long as debian will.

pc-fluesterer.info
Linux

rtorrent is Unix (Linux) only

+1, but rtorrent is Linux only. Which shows that you are on the same wave I am. :-)

Ad-scamming, login-stealing Windows malware is hitting Chrome, Edge, Firefox, Yandex browsers, says Microsoft

pc-fluesterer.info
FAIL

Re: Windows....

Aiming for the WEAKEST target is what you do...

pc-fluesterer.info
Thumb Down

Re: OS?

WOT was caught spying.

pc-fluesterer.info
Trollface

Re: OS?

you forgot to supply the 'irony' flag. :-)

pc-fluesterer.info
Thumb Down

Re: UN-bundled goodness

well, why do you use that crap called Windows in the first place? For usual office stuff Linux is more than sufficient. At my customers very seldom I see a robust reason for Windows. There are some, yes, and there are solutions for that.

The patch that wasn't: Cisco emits fresh fixes for NTLM hash-spilling vuln and XSS-RCE combo in Jabber app

pc-fluesterer.info
FAIL

No! It's not jabber, it's applications

Jabber, or XMPP as we call it nowadays, is just a protocol. The protocol is not the culprit; it is beyond any suspicion. The culprit is faulty (or backdoored, to be precise) SW in the case of Cisco, or a malicious App in the case of Alcatel. But who uses Cisco in the first place? I for one would never ever use Cisco (nor any other US-supplied network gear), particularly not for XMPP.

Sopra Steria: Adding up outages and ransomware cleanup, Ryuk attack will cost us up to €50m

pc-fluesterer.info
Linux

Linux is immune (was: Re: lesson learned?)

"Ransomware attacks exist on Linux as well as Windows" - WRONG.

Please give us one example - only one, pleeeease! - of an attack vector similar to those in the M$ biotope. A malware attack similar to those under Windows is IMPOSSIBLE against a Linux (or xBSD) desktop and network. You always need a malicious insider (such as 'evil maid') and/or severe blunder of system management.

Web servers are even more endangered. Why do the majority of web servers world wide run on Linux or xBSD? All successful attacks against Linux/xBSD web servers I know of were based on administrators' errors (weak password and the like) and/or security holes in application SW (CMS, shop, database, ...). Which again is an administrative or system management error: Available patches not applied. NEVER was a weakness in the underlying OS Linux or xBSD part of the attack vector - in all cases I know of. Do you know better?

To make that clear: I am talking about the usual mass attacks. If you are target of a governmental "service" - they find their way sooner or later, so good luck! :-)

pc-fluesterer.info
Linux

lesson learned?

and, lesson learned? Any inference?

Or just "more of the same"? So goes the American proverb: If brute force didn't solve your problem, you didn't use enough of it. ...

Ever thought of a change of paradigm?

Not only put money on prevention, but migrate to FOSS.

The revolution will not be televised because my television has been radicalised

pc-fluesterer.info
Mushroom

is your TV a SAMSUNG by chance?

https://www.theregister.com/2020/09/30/samsung_smart_tv_ads/

Android without Google – and yes it has apps: The Reg talks to founder about the /e/ smartphone

pc-fluesterer.info

Alternative: Shiftphone

should be mentioned here as well: https://shop.shiftphones.com/ with ShiftOS L (light).

pc-fluesterer.info

Re: Can I just have an App that removes Google

rooting is NOT required! What you indeed have to do is UNLOCK the BOOTLOADER. That's a different beast. I for one run LineageOS with MicroG on two Sony XA2, one is rooted (mine) and the other isn't (my wife's).

French IT outsourcer Sopra Steria hit by 'cyberattack', Ryuk ransomware suspected

pc-fluesterer.info

Re: "phishing attacks [..] tend to be very difficult for non-specialists to spot"

why not? Linux is immune against Conficker/Downadup and the like. ;-)

And even Windows CAN be hardened against USB attacks.

Well, yes, you have to do the hardening and actually do it before ...

Need a new computer for homeschooling? You can do worse than a sub-£30 2007 MacBook off eBay

pc-fluesterer.info
Alert

Beware 32-bit!

The choice of Linux distros that are 32-bit capable will narrow as time proceeds. Mint 19.3, supported until April 2023, is available for 32-bit. The successor Mint 20 is not! And the basis for Mint 20, Ubuntu 2004, has several aspects not welcome (packet format 'snap' and the corresponding proprietary app-store is one of them).

I am in the process of migrating many machines (mine and customer's) running Mint to LMDE. That is based on debian directly without deviation over Ubuntu. LMDE 4 still is 32-bit capable. Only backlash is that currently it comes with DE Cinnamon which is a resource-hog, not quite apt for elderly machines. But just replace it by DE Mate and you're done. :-) Happy ever since ...

So, what exactly are you planning to do with this new PC? Windows Insiders face new questions during OOBE

pc-fluesterer.info

Re: Confused

... and repeat that after each "upgrade" because your settings will be overwritten.

Global Privacy Control emerges as latest attempt to let netizens choose whether they want to be tracked online

pc-fluesterer.info

Re: You know you’re doing privacy better when...

plus NoScript, uMatrix and the like.

pc-fluesterer.info

Re: Another flag to be ignored

schools can't fight capitalism.

pc-fluesterer.info

Re: They just don't get it........but maybe that's the point!!!

"Google et all already have enough money. they do not need any more."

... but the shareholders do! Greed is infinite.

Burning down the house! Consumer champ Which? probes smart plugs to find a bunch of insecure fire-risk tat

pc-fluesterer.info

Re: What about the CE mark?

yes, I did. I bought a charger from a German merchant. ((Not even Amazon, as I NEVER buy there, for various reasons.)) The studs that go into the wall were too short and too small. In some receptacle the thing would work, in others not. It would build a loose contact, leading to danger of sparks and subsequent fire. Of course the charger had CE and a lot of further security tokens on it. I forwarded the dangerous thing to German authorities. But what's the use? German or even European authorities can only prosecute the merchant. They will never get hold of the Chinese manufacturer.

Sorry we shut you out, says Tutanota: Encrypted email service weathers latest of ongoing DDoS storms

pc-fluesterer.info

Re: Best advert ever

yes, that's true, I forgot: tuta lacks notification. And free accounts not used for six months are deleted. So, advantage for proton. Still tuta has its place for "special" purposes. ;-)

yes, lavabit, mailbox.org and posteo all cost. Huge amounts such as 15$/year (lavabit) or 12€/year (the other two). For more money you get more features.

I for one have paid accounts with ALL providers mentioned (incl. tuta and proton). And I can say: They are worth every single cent!

pc-fluesterer.info

Re: Best advert ever

tutanota is webmail only, no access w/ normal e-mail client. Same holds true for protonmail.ch, which I recommend as well.

Further recommendations w/ access by e-mail client: lavabit.com, mailbox.org, posteo.de (other languages available).

Party like it's 2004: Almost a quarter of Windows 10 PCs living with the latest update

pc-fluesterer.info

Re: But it bricks dell computers!

"I would have said sorry, I don't do Windows..." - I always say: I do W7, I do W8.1, I do migration from W to Linux. But I don't do W-X, by no means!

Windows 7 goes dual screen to shriek at passersby: Please, just upgrade me or let me die

pc-fluesterer.info

Why the hell does public signage need underlying Windows?

a RasPi running Linux would be quite sufficient - and save energy!

Biting the hand that feeds IT © 1998–2021