Konstantin Ryabitsev’s high-level security recommendations for Linux Foundations systems administrators is probably not the kind of document that most of you would read. In fact, I’ve known a shocking number of SysAdmins who wouldn’t take the time to read something like this. But trust me it’s worth reading – even if you don’t understand it.
Now you’re probably wondering how reading something that you don’t understand could be useful. That’s a very understandable point of confusion. But when it comes to security the things that you don’t know or don’t understand are the things that could literally or metaphorically kill you. The stuff you don’t know is the most important stuff.
A lot of very technical people follow and read Blogs of War but I am primarily sharing this for the benefit of the other 99% – those of you who probably won’t fully understand Konstantin’s recommendations.
Because if you’re even remotely interested in security this will give you topics for exploration. This is a pretty cool jumping off point for those of you who want to learn more about securing yourself and your hardware. And don’t get too hung up on the Linux-specific recommendations because many of the concepts and vulnerabilities are universal. If you’re not interested in learning more about this topic that’s fine too – as long as you’re comfortable with the risk.
ISIS is extremely proud of their latest video but, trust me, it’s a bit of a snorefest. But, it’s also very different. The horrific violence they’re known for is there but only in comparatively small doses. Instead they’ve opted to take a lot of fringe financial theory (the kind you might have heard already if you pay attention to Ron Paul or Glenn Beck ) and wrap it The Mummy Returns production values. Then, just like a college freshmen who has taken one economics class and read a dozen conspiracy theory websites, they drone on and on and on. It’s weird – just not weird enough to be interesting.
Of course, what we really need to know is why they’re going to all of this trouble. I’m still processing this but from their perspective:
- The production values project authority and capability. Their internal and external audiences both need reassurance.
- The pseudo-intellectual financial theory will not impress economists but it will resonate with people who view alternative financial systems as a rejection of current political systems. There are large numbers of people in the Middle East – and the United States who share this view.
- It checks the theology box by claiming to be a model that is more inline with Islamic principals.
- Money is central to statehood so this reinforces that claim.
- At the end of the day the ISIS wants to be seen as a viable alternative to existing powers. Videos like this (and the factors mentioned above) help support that case – at least in the eyes of potential recruits and supporters.
The alignment with the non-Islamic conspiracy thought in the West is the most intriguing aspect of this communication. Is this convergence intentional or is it a coincidence arising out of the fact that these ideas on the financial fringe have been circulating for a long time? I can’t make a call on that at the moment but it is certainly a question worth considering.
While developers are increasingly embracing encryption and building apps with privacy as a key selling point our operating systems are moving in the opposite direction:
“Some users have even gone so far as to claim Windows 10 keylogs what you type and sends it back to Microsoft servers, with your machine ID in tow, every 30 minutes. Further still, it has been claimed that torrent users and tracker sites are being targeted by Microsoft (for pirated software) as well, and at least one of these sites have banned Windows 10 users altogether as a result.”
Geeks have options (see this roundup of privacy-oriented Linux distros), and some would argue that they’re fighting a losing battle anyway, but without a doubt everyone else is pwned right out of the box.
Recent updates to Windows 7 and 8 are raising concerns as well.