Language Selection

English French German Italian Portuguese Spanish

Microsoft

Microsoft Malware and Spyware, GNU/Linux Routers

Filed under
GNU
Linux
Microsoft
Security
  • ‘We’re From Microsoft and We’ve Been Remotely Watching Your Computer’

    We are going into our third year of living in the Gardens of Taylor. When you come off of the city street and onto this property, you can sometimes get a creepy feeling, like this is familiar in an unpleasant sort of way. It can feel like you’ve just stepped into Stepford Village. Every yard has been manicured to match the ones on either side of it. The edging along all driveways and sidewalks is a perfect two inches across and if a weed or mushroom happens to grow within that etched space, it is gone the next time you look for it.

    Stuff like that just vanishes. Spooky like.

    Fact is, the property manager pays the lawn service to make a drive through every other day in order to take care of any anomalies. Once I got used to it, I became comfortable with living here, being that it’s for people with physical disabilities and age 55 or over.

    On moving-in day, we hadn’t been there an hour before people began to take notice of us from across the street. They would stop just long enough to pretend they weren’t checking us out, then they would be on their way. Some even stopped to help.

    [...]

    Now Claude and Jane both run Linux. Their money is safe, and if anyone calls giving them instructions how to get a virus off of their Windows’ computer, they just laugh and hang up, but not before telling them they run Linux.

    There will come a day, maybe sooner than any of us think, when a scam like this might actually work on a Linux machine. In the past two years we’ve seen stories of Linux servers being compromised, and there is constant news that this or that piece of malicious code might be making its way to Linux computers soon.

    Being prudent, I run both Avast for day-to-day stuff and various Clam iterations for biweekly sweeps for rootkits. I exchange a lot of Windows stuff with my Reglue kids, so that’s only smart. Not that I expect anything to go south in the near future. Everything I’ve seen coming down the Linux pike demands hands-on the target computer to inject the badware.

    Here’s a Helios Helpful Hint: Don’t let someone you don’t know have access to your computer, sans the repair guy.

    However I do believe in preparedness. Jane’s Linux Mint install runs the same security as mine and I administrate it remotely (from home. I’ll get Claude up to speed on Wednesday.

    How long ago was it that many of us gave up on the “disconnected generation?” For a while I didn’t work with people who were so set in their ways that they bucked any suggestion of having to learn something new. And honest-to-goodness, a lady in the neighborhood asked me to make her computer the same way it was when she bought it. That would be the Windows Vista release. Sigh.

    “No ma’am. Not for any amount of money. Sorry.”

    I’m not into any more stress than necessary these days.

    Vista? Really?

  • Security Design: Stop Trying to Fix the User

    Every few years, a researcher replicates a security study by littering USB sticks around an organization's grounds and waiting to see how many people pick them up and plug them in, causing the autorun function to install innocuous malware on their computers. These studies are great for making security professionals feel superior. The researchers get to demonstrate their security expertise and use the results as "teachable moments" for others. "If only everyone was more security aware and had more security training," they say, "the Internet would be a much safer place."

    Enough of that. The problem isn't the users: it's that we've designed our computer systems' security so badly that we demand the user do all of these counterintuitive things. Why can't users choose easy-to-remember passwords? Why can't they click on links in emails with wild abandon? Why can't they plug a USB stick into a computer without facing a myriad of viruses? Why are we trying to fix the user instead of solving the underlying security problem?

  • Security Design: Stop Trying to Fix the User [It says (scroll down) "Getting a virus simply by opening an email was an urban legend, a technically impossible but scary sounding thing to frighten normies with, as late as the 90s. ...Microsoft made that myth real with the first release of Outlook"]
  • A tiny PC as a router

    We needed a router and wifi access point in the office, and simultaneously both I and my co-worker Ivan needed such a thing at our respective homes. After some discussion, and after reading articles in Ars Technica about building PCs to act as routers, we decided to do just that.

    The PC solution seem to offer better performance, but this is actually not a major reason for us.

    We want to have systems we understand and can hack. A standard x86 PC running Debian sounds ideal to use.

    Why not a cheap commercial router? They tend to be opaque and mysterious, and can't be managed with standard tooling such as Ansible. They may or may not have good security support. Also, they may or may not have sufficient functionality to be nice things, such as DNS for local machines, or the full power if iptables for firewalling.

    Why not OpenWRT? Some models of commercial routers are supported by OpenWRT. Finding good hardware that is also supported by OpenWRT is a task in itself, and not the kind of task especially I like to do. Even if one goes this route, the environment isn't quite a standard Linux system, because of various hardware limitations. (OpenWRT is a worthy project, just not our preference.)

Desktop: GNU/Linux Bug Reports, Creator of DirectX on the Demise of Microsoft, Vista 10 Share Falls

Filed under
GNU
Linux
Microsoft
  • The Bug Report

    So I get a bug report. It is on GNU/Linux, of course, because that is the only ecosystem that sends bug reports.

    So first I boot up my work box (Computer #1, Windows 10) which is the one that has the sweet monitor and try to VPN to the Server box (Computer #2, GNU/Linux Fedora Server, amd64). But, of course, at one point I'd stripped all the non-console-mode functionality off of the server, so VPN is a fail. I could have done the fix easily via ssh and emacs-nox, but, I figure it will only take a minute to get a graphical environment up and running.

    There's a GNU Linux VM running on VirtualBox on the work box, but, I get distracted from the actual problem when I can't figure out how to get VirtualBox to create a large screen. Totally not a problem, but, I get obsessed with this minutiae and can't let it go. I waste time tweaking the virtual graphics card settings with no effect.

  • Doom for Windows [Ed: by the creator of DirectX, who isn't pleased with Windows Update.]

    Windows failed to make the leap to new business models and new distributed computing paradigms such that now in the year 2016 Microsoft is on the cutting edge of adopting Apple’s 2007 business model for Windows 10. Here’s why Microsoft has reached the end of its road. They lost the mobile market, they lost search, they’re struggling to compete in the cloud and all they have left is a legacy OS with an architecture from the days of personal computing when connectivity was something only nerds and IT managers worried about. Now the idea of personal computer security is collapsing. It is readily becoming apparent that NOTHING can stop malicious attackers from eventually penetrating the best most advanced security measures of any personal device. Furthermore, as the Edward Snowden scandal has made plain to us all, if malicious attackers aren’t breaking into our computers, then the worlds governments are requiring companies to make their products vulnerable to intrusion. The idea that a lowly personal computer behind a frail consumer router… made in China… stands any chance of resisting serious hacking attempts is a fast fading dream.

    Back when I was making online game publishing DRM (Digital Rights Management) Solutions we measured the time it took Chinese and Russian hackers to crack our best latest security attempts in weeks. Today it can take a matter of days or hours.

    The Windows Operating system has become vast, bloated and cumbersome to maintain. It faces constant security bombardment by the entire worlds connected hacker community and government security agencies. The volume of patches it needs to maintain even the most rudimentary pretext of stability and security requires a constant and overwhelming flood of Windows updates. The seriousness of the situation and the sheer flood of data Microsoft is constantly sending to our computers is staggering. I wanted to show a screen shot of my HUGE Windows Update history but mysteriously, after this most recent disastrous update… Microsoft has seen fit to clear my machine of that information…

  • No Free Upgrades, No New Users: Windows 10 Declines for First Time Since Launch [Ed: based on Microsoft-connected firm]

    The latest batch of market share statistics provided by Net Applications for desktop operating systems puts Windows 10 on the second position in the rankings, but it also reveals something totally unexpected that happened last month.

    Windows 10 has actually lost market share last month despite the fact that everyone expected the operating system to continue its growth, which could be a sign that Microsoft’s 1 billion devices running Windows 10 goal might take a bit longer to become reality.

4 of the Best Linux Distros for Windows Users

Filed under
GNU
Linux
Microsoft

For the past year Microsoft has offered free upgrades to their latest operating system, Windows 10. This was mainly due to the fact that Windows 8 and 8.1 were poorly received, especially when compared to Windows 7. Unfortunately the free upgrade period has passed, so if you want to give Windows 10 a try, you’ll have to dig into your wallet to do it. If your faith in the tech giant has waned over the years, you’re not alone. The latest versions of Windows have all been heavily criticized, proving that they have been a far cry from the world dominance of Windows XP.

If you’re one of the many people turned off by the latest iterations of Windows, the jump to Linux might look very appealing. Unfortunately, a new OS often comes with a steep learning curve. Windows, with the exception of the fumble that was 8, has more or less looked and behaved the same for years. Having to re-learn everything can be a daunting task, one that could pressure you into staying with Windows forever.

However, you do have options. There are many different distributions of Linux out there, with some aiming to replicate the look and feel of Windows. The goal of this is to make transitioning relatively painless. With Linux boasting improved hardware support, long term stability and a wider range of software applications, there is no better time to try it out!

Read more

Related (Microsoft exodus): Microsoft Applications and Services chief Qi Lu leaves the company<

More on Russia Moving to FOSS

Filed under
Microsoft
OSS
  • Moscow Drops Microsoft on Putin’s Call for Self-Sufficiency

    Moscow city will replace Microsoft Corp. programs with domestic software on thousands of computers in answer to President Vladimir Putin’s call for Russia’s authorities to reduce dependence on foreign technology amid tensions with the U.S. and Europe.

    The city will initially replace Microsoft’s Exchange Server and Outlook on 6,000 computers with an e-mail system installed by state-run carrier Rostelecom PJSC, Artem Yermolaev, head of information technology for Moscow, told reporters Tuesday. Moscow may expand deployment of the new software, developed by Russia’s New Cloud Technologies, to as many as 600,000 computers and servers, and may also consider replacing Windows and Office, Yermolaev said.

  • Why Microsoft is getting the cold shoulder from Moscow

    Since the German city of Munich decided to ditch Microsoft Windows and Office, a growing number of European agencies have followed suit - from France's national police force to the Italian military.

    The latest authority to turn its back on Microsoft is reportedly Moscow City Hall, which is transferring employee email from Microsoft Exchange Server and Outlook to the Russian-built MyOffice Mail.

    About 6,000 Moscow state employees will be switched over, including teachers, doctors and civil servants. If the move is a success, the city will consider shifting 600,000 PCs and servers away from Microsoft, and may also replace Windows and Office, according to Bloomberg.

  • Moscow will replace Microsoft's products with local offerings

    Microsoft might lose a whole city of customers in Russia. According to Bloomberg, Moscow will begin replacing Redmond's products with homegrown software as a result of Vladimir Putin's urging to stop depending on foreign tech. Artem Yermolaev, the city's head of information technology, told reporters that Moscow will begin by dropping Microsoft's Exchange Service and by replacing Outlook on 6,000 computers with state-run carrier Rostelecom PJSC's email system. Authorities are looking to deploy the email software to as many as 600,000 computers in the future. They might even replace Windows and the Office suite entirely, though there seems to be no solid plan for that at the moment.

Microsoft is no longer Russia’s first choice of technology provider

Filed under
Microsoft

The city of Moscow is contemplating ditching Microsoft’s technology as president Vladimir Putin urges state officials and local businesses to scale down their reliance on foreign software providers.

In turn, the city is replacing Microsoft’s products with solutions from local competitors.

Read more

Lenovo Anti-Linux, Layoffs, and Openwashing

Filed under
Android
GNU
Linux
Microsoft
  • Microsoft, Lenovo Accused Of Blocking Linux On Signature Edition PCs

    Laptops today are increasingly powerful. Right now, if you get a new laptop, the probability is that it comes with the new Windows 10 operating system but there are some people that prefer to have a choice when it comes to OS selection. While some people are fine with Windows 10, there are those who might want to have a dual OS system running. A few people who bought Lenovo laptops like the Yoga 900, 910S, and 710S, found that Lenovo was blocking Linux.

  • Motorola, Lenovo lay off over a thousand more people
  • New Lenovo layoffs at Moto, company has now lost over 95% of employees in four years

    Speaking to Droid-life, both sources inside the company and Motorola itself confirmed today that Lenovo has conducted a brutal round of layoffs at Moto. According to DL, over 50% of Motorola's existing US staff have lost their jobs. A 20-year veteran of the company allegedly posted on Facebook that he had been laid off, so it looks like Lenovo is cutting deep at the device-maker.

    One source told them that over 700 employees would be asked to leave of the over 1200 Motorola currently employs. No doubt Lenovo hopes to cut costs by integrating much of Motorola's software and hardware development into its own smartphone unit. Sensible or not, it's still rather sad to watch the once-proud brand slowly be swallowed by The Great Lenovo Monster. The lack of critical or consumer hype around the company's new Moto Z line hasn't helped matters, and while the refreshed Moto G franchise was generally well-received, it's the expensive phones that make the money, and I have a hard time believing the Z series is a runaway sales success.

  • Lenovo Courts Devs WIth Moto Z Source Code Release

    Lenovo, which owns Motorola, last week released the kernel source code for the Moto Z Droid smartphone on Github. The move follows the company's posting of the Moto Z Droid Moto Mods Development Kit and Moto Mods on Github this summer. This is the first kernel source code made available for the Moto Z family of devices. Releasing the kernel source code seems to be another step in Lenovo's attempt to get devs to build an iPhone-like ecosystem around the Moto Z family. The Z family is modular.

Letter to the Federal Trade Commission regarding Lenovo blocking Linux and other operating system installations on Yoga PCs.

Filed under
GNU
Linux
Microsoft
  • Letter to the Federal Trade Commission regarding Lenovo blocking Linux and other operating system installations on Yoga PCs.

    Lenovo just updated the BIOS for the Yoga 710, another system that doesn't allow Linux installs. Wanna know what they changed? Update to TPM (secret encryption module used for Digital Restrictions Management) and an update to the Intel Management Engine, which is essentially a backdoor rootkit built into all recent Intel processors (but AMD has their version too, so what do you do?). No Linux support. Priorities...

  • Microsoft told to compensate customers for Windows 10 breaking computers

    Microsoft has been urged to pay compensation to customers that have suffered computer malfunctions when upgrading to its new software Windows 10.

    Since the company released the software last year it has been plagued by complaints, with customers claiming their computers upgraded without their permission and, in some cases, completely stopped working.

    Which?, the consumer watchdog, has told Microsoft to "honour consumers' rights" and compensate those who have suffered from problems, including lost files, email accounts no longer syncing and failed WiFi connection.

    It said Microsoft customers had also complained that their webcams suddenly stopped working, as did speakers and printers in the wake of the upgrade.

  • Veteran Windows journo slams Microsoft over Surface Pro issues

    Microsoft's tardiness and lack of communication in relation to battery issues affecting its Surface Pro PC/tablet hybrid has been slammed by well-known journalist Ed Bott who has been writing about the company for 25 years.

    In a column titled "Shame on Microsoft for leaving Surface Pro customers in the dark", Bott wrote that Microsoft had not shown any appreciation of the users who had helped put its Surface business on a solid footing.

    He wrote that after the Surface Pro 3 had been in the market for more than a year, users began noticing a steady drop in battery capacity.

    In March 2016, the company's support lines began fielding calls about the issue, with complaints that batteries that should have held a charge for five or more hours were going dead in 20 or 30 minutes and refusing to charge fully.

My Mom Runs Linux!

Filed under
GNU
Linux
Microsoft

People are coming to Linux in droves these days. They each have their own reasons. It could be a desire to get out from under the thumb of proprietary software’s limitations, privacy concerns or just plain old economics. Some of them find a whole new world of computing happiness and others walk away frustrated. Why is that?

How you approach learning something new usually will determine just how successful you are at learning it. It’s all about attitude. Learning is a journey and those who cling to the fear of not reaching a pleasant destination usually quit before they start and stay right where they are. Those who are born with an innate curiosity and a sense of adventure often find that learning something new brings great rewards. Thus, they are constantly looking for new things to learn. It’s the naturally curious ones who tend to do well with Linux.

If you sit a child in front of a Linux computer, they usually just start using it. It’s an amazing thing to watch. Kids are curious by nature and they also have the added advantage of not having any preconceived notions when it comes to how a computer ought to work. I have found, on the other hand, that the hardest kind of person to teach Linux is the crusty old Windows power user. They are lost from the start and tend to get easily frustrated when they come across something they don’t understand. Their outbursts of anger can be quite animated! The Internet’s public forums are full of vitriol flung at the Linux Community by these sorts of folks. I learned a long time ago that the best way to deal with them is to simply ignore them. The psychological reasons for their bitter negativity are beyond my expertise to deal with, therefore, I don’t. What I try to do is focus on the positive and help folks who want to learn.

Read more

Also: Windows 10 Might Soon Track Absolutely Everything You Do for Your Own Good

Classic Damage Control: Lenovo and Microsoft Got Their 'Official' Lie/Denial Together, Now Engage in Revisionism by Contacting Journalists

Filed under
GNU
Linux
Microsoft
Syndicate content

More in Tux Machines

Security News

  • Wednesday's security updates
  • Secure your Elasticsearch cluster and avoid ransomware
    Last week, news came out that unprotected MongoDB databases are being actively compromised: content copied and replaced by a message asking for a ransom to get it back. As The Register reports: Elasticsearch is next. Protecting access to Elasticsearch by a firewall is not always possible. But even in environments where it is possible, many admins are not protecting their databases. Even if you cannot use a firewall, you can secure connection to Elasticsearch by using encryption. Elasticsearch by itself does not provide any authentication or encryption possibilities. Still, there are many third-party solutions available, each with its own drawbacks and advantages.
  • Resolve to Follow These 8 Steps for Better Data Security in 2017
    Getting physically fit is a typical New Year's resolution. Given that most of us spend more time online than in a gym, the start of the new year also might be a great time to improve your security “fitness.” As with physical fitness challenges, the biggest issue with digital security is always stagnation. That is, if you don't move and don't change, atrophy sets in. In physical fitness, atrophy is a function of muscles not being exercised. In digital fitness, security risks increase when you fail to change passwords, update network systems and adopt improved security technology. Before long, your IT systems literally become a “sitting duck.” Given the volume of data breaches that occurred in 2016, it is highly likely that everyone reading this has had at least one breach of their accounts compromised in some way, such as their Yahoo data account. Hackers somewhere may have one of the passwords you’ve used at one point to access a particular site or service. If you're still using that same password somewhere, in a way that can connect that account to you, that's a non-trivial risk. Changing passwords is the first of eight security resolutions that can help to improve your online security fitness in 2017. Click through this eWEEK slide show to discover the rest.
  • Pwn2Own 2017 Takes Aim at Linux, Servers and Web Browsers
    10th anniversary edition of Pwn2Own hacking contest offers over $1M in prize money to security researchers across a long list of targets including Virtual Machines, servers, enterprise applications and web browsers. Over the last decade, the Zero Day Initiative's (ZDI) annual Pwn2Own competition has emerged to become one of the premiere events on the information security calendar and the 2017 edition does not look to be any different. For the tenth anniversary of the Pwn2Own contest, ZDI, now owned and operated by Trend Micro, is going farther than ever before, with more targets and more prize money available for security researchers to claim by successfully executing zero-day exploits.
  • 'Factorio' is another game that was being hit by key scammers
    In another case of scammers trying to buy keys with often stolen credit cards to sell on websites like G2A, the developers of 'Factorio' have written about their experience with it (and other stuff too).

Red Hat News

Development News: LLVM, New Releases, and GCC

PulseAudio 10 and Virtual GPU in Linux

  • PulseAudio 10 Coming Soon, Using Memfd Shared Memory By Default
    It's been a half year since the debut of PulseAudio 9.0 while the release of PulseAudio 10 is coming soon. PulseAudio 9.99.1 development release was tagged earlier this month, then usually after x.99.2 marks the official release, so it won't be much longer now before seeing PulseAudio 10.0 begin to appear in Linux distributions.
  • Experimenting With Virtual GPU Support On Linux 4.10 + Libvirt
    With the Linux 4.10 kernel having initial but limited Intel Graphics Virtualization Tech support, you can begin playing with the experimental virtual GPU support using the upstream kernel and libvirt.