Isn't CISCO short for ...
Central Intelligence Secretly Covered Operation?
131 publicly visible posts • joined 23 Feb 2020
I wrote 'well administered' by purpose. It means:
1. The user doesn't know the root pw, so social engineering can do little harm.
2. Misconfiguration: Admin fault, not Linux fault.
My question is unanswered still: In common ransomware attacks M$ Windows and M$ Office play key roles. What would be a comparable attack vector against LINUX (not against admin faults)?
Well, I know how ransomware enters Windows systems.
What would be the attack vector for Linux?
I for one can't see anything comparable.
Don't come with "If the malware is in the system it can do this and that".
I want to know HOW the malware should be able to enter a well administered Linux System.
The victim has to install it manually and give the root password? :-(
The truth:
"We are working in a M$ monoculture; we neglected our preventive IT scurity; a staffer opened a SPAM AND opened the attachment AND allowed macros."
Ouch!
Instead of the common "attack" by SPAM it may have been an attack against the known weaknesses of the M$ Exchange Server, automated as well.
"I have family all over the world that I want to easily keep in touch with"
Well, there are other, and most of all CLEAN, ways to accomplish that!
Signal, Threema, Wire, even Telegram is better than F.c.book, Insta or WA. And there are federated networks such as Jabber/XMPP or Element/Matrix.
No need to use F.c.book.
Lexmark: Last time i got my hands dirty by having to deal with the SW-crap they produce, it behaved like the computer had become member of a so-called church which to leave is near to impossible. Try and deinstall a Lexmark printer! The whole Windows printing system is an unrecoverable mess. Lucky the man who has an image of the clean and functioning state.
HP: Had the same issue with a HP MFP many years ago. The scanner part was defective. Repair economically not worthwhile. The printer part in solidarity refused to work, same as Canon :-(
"Google know more about you and your life than you will ever remember" - WRONG
The chocolate factory has nothing to gain here. The majority of the spying services, including doubleclick, is blocked in my PI-hole. I don't accept any cookies from spies. With various add-ons I fight browser fingerprinting and other means of tracking. About me Google may know a little bit, but that is about 2% of the knowledge about average John Doe.
"vote with your feet and opt out": Yes, that is exactly what I do and what I recommend. Replace Android by a clean custom-ROM.
"Alterntives ... are they good enough": The answer is, YES. For me and a lot of other people. Well, true, you need to invest a small portion of brain 1.0
"Governments": If you are target person of the state spies you can't escape them anyway. But you need not feed the Utah data centre of the NSA. It is ok to make their lives a little bit harder. ;-)
The researchers used LOS *with* additional OpenGApps in the "nano" variant.
Alas they were ill-informed.
1. You can have LOS utterly clean without any Google crap.
2. If you need GSF (Google Services Framework) because you want to use apps that require it, you can install the "pico" variant of OpenGApps or install MicroG, which both contain the essential GSF. The "pico" variant is only half of the size of the "nano" variant. Imagine what makes up for the difference ...
3. You can have LOS with MicroG integrated as "LineageOS for MicroG" https://lineage.microg.org/ or as "System /e/" as in the paper.
4. Even more privacy protection is available as "iodé". That is LOS, MicroG and additional amelioration of privacy protection. Only drawback is that it is available currently only for a restricted set of devices. https://iode.tech/en/iodeos-installation/
I for one use it on my Sony Xperia XA2, perfectly satisfied. It even has a built-in Ad- and Tracking-Blocker. I have 99,9% of the functions I want available AND perfect privacy protection.
I get SPAM sent from gmail accounts, sometimes even with DKIM signature. Often (depending on my mood) I send ABUSE complaints to all concerned. Have you ever tried sending an ABUSE complaint to abuse@gmail.com or network-abuse@google.com? The reaction is zero, nil, nought. :-(
sad to see how widespread this misunderstanding still exists.
With root you get administrator privileges inside you OS, be it stock android or a custom-ROM.
You don't need root to flash a custom-ROM! For that you need to unlock the bootloader, for which in turn you need a code from the manufacturer. Some of those support that, some don't.
The reason why they don't? My suspicion is that they try and achieve a vendor-lock-in.
Get rid of all that crap, bloatware, spyware, censorware.
Install a custom-ROM such as LineageOS, available here: https://wiki.lineageos.org/devices/apollon
There may be others; I didn't investigate further. LOS normally is sufficient. The one who needs GSF (Google Services Framework) installs OpenGApps or MicroG in addition.
I do this since my first Android smartphone Sony Ericsson Xperia Pro (slider physical keyboard!) that came with Android 2.3 then, ten years ago. It got a CyanogenMod (predecessor of LOS) from me. I have since *improved* ;-) and/or revitalised many smartphones from OnePlus and Sony with LOS or derivatives. My standby old (2015) Xperia Z5 is out of support from Sony but still runs fine on an up-to-date LOS 17 (~Android 10).
So this is my advice: Go for custom-ROM!
"... it's now up to the Commission to make it happen - and that will not be easy" - very true.
First you have to beat more than 6 Million US-$ from Microsoft left in Brussels last year. Plus the lobby expenses from other companies (Apple, F.c.book, Google, you name it).
https://www.youtube.com/watch?v=duaYLW7LQvg
The recent year and a half imposed severe restrictions on all of us. They made us quite unhappy and angry. The problem is, there is no single one to blame. But the bad temper piles up. And the first person in the way serves as outlet for all the rage. In my communities, neighbourhood and the like I observe that regularly. :-( It's a pity really.
1. NoScript. Spies such as doubleclick or optimizely I have closed down as "not trustworthy".
Without JS those evil third-parties can neither set not request cookies. My list of untrusted domains is looong.
2. Cookie Autodelete.
I for one accept all cookies. As soon as I leave the site the cookies and other fingerprinting crap are deleted (except those on my whitelist). :-)
https://www.cvedetails.com/product/38/?q=linux
https://www.cvedetails.com/product/32238/?q=Windows+10
and that is only five years for win10!
Just two figures: code execution vulnerabilities
Linux - 50 in eleven years
Win10 - 468 in five years!
What's more, nearly all of the Linux vulnerabilities are only locally exploitable.
Thus, the claim repeated in the title is a very bold - and false - assertion.
root
and execute arbitrary commands
... NOT buy network gear for Cisco or any other US manufacturer. At least here in Europe we have trustworthy manufacturers producing clean gear: Bintec-Elmeg, Clavister, Lancom, MikroTik. Blessedly we are not forced to use network gear laden with backdoors for CIA, NSA, you name it.