Bonum Certa Men Certa

Citation/Atlas 'Security' Exam is a Total Farce, But It's Still Good for Entertainment Purposes

Summary: What are people being taught about so-called 'security'? Might that explain so many security breaches? (Poor training, wrong assumptions)

OVER the years I saw criticisms of school or classroom indoctrination about copyrights. They're basically teaching/pushing a bunch of lies to young children in an effort to "educate" them about "copyright law" (sounds reasonable on the surface... until one actually checks what these pupils are being told).



"It's supposed to sound sophisticated, but the net gain for security is laughable."For ISO compliance purposes, sometimes I'm required to take and pass some online "training" courses. Some of these are ridiculously bad, so I end up taking screenshots.

This post is about fake security mindset -- a concept explained here several times earlier this year. It's supposed to sound sophisticated, but the net gain for security is laughable. Complexity does not beget security (usually the opposite is true; simplicity is auditable). Basically, it boils down to what's sometimes known as "security theatre", owing to a 'fake security' cargo cult of "phones" or "apps" and "clown computing" (i.e. giving all your access credentials to some other company, along with highly sensitive data).

During my latest "training" I stumbled upon about 40 examples of amusing errors and silliness (it's all over the place, sometimes with repetition for extra effect or 'good' measure), but to keep things more concise and digestable I took screenshots and annotated them a little, just as I did last year with edX [1, 2], in effect shilling for the Linux Foundation in the guise of "training". Where does one draw the line between courses and marketing, revisionism, and even outright lies?

"Basically, it boils down to what's sometimes known as "security theatre", owing to a 'fake security' cargo cult of "phones" or "apps" and "clown computing" (i.e. giving all your access credentials to some other company, along with highly sensitive data)."Below I present just a small sample. Almost at random I narrowed it down to just a dozen rather unique examples (there are many more similar instances of these). Surely, a more exhaustive list would take a lot of time to prepare while the clock is running. At the end, one is required to lie or say what they expect you to say in order to pass the test (which I did). To be fair, the questions aren't as terrible as the supposed 'training', as they don't mention brand names there or promote outrageous fallacies.

Without further ado, let's begin.

Does that mean what they think it means? Yes! They can! Like, every person? If you already labeled them that, what does that mean? 'Good' ones?

It doesn't take a genius to see what's happening here and why it's shallow. Infantile questions like, ARE CRIMINALS A THREAT? It's like a colouring book quiz with heroes and villains. They present actual adults with such questions. We'll come back to it later when it comes to "exam time".

They don't need to target you, they can target the software you use, e.g. Microsoft Windows

Notice how, just like Microsoft, they're looking to blame computer users or "criminals" (or some nations like China or Russia). Anything to divert liability away from rogue software companies that write shoddy code, hide the defects, and code back doors for the NSA et al.

Let's move on.

Apple or Microsoft

Wait, I'm confused.

You mean Microsoft

As if it's the user's fault that Microsoft cannot secure its own systems...

Surveillance devices with back doors are some of the least secure ways to maintain access to things

Yes, let's all use 'phones' to manage critical servers... with "apps".

Back doors of vendors and governments not even mentioned

Missing part?

With back-doored encryption of the aforementioned brands?

No mention of "weakened" (i.e. fake) encryption.

Microsoft promotion (niche player)

Why are they ignoring bigger players like Facebook and Twitter? Brand promoting? Wait, there's more right after that...

What if I don't use (back-doored) Windows?

It's 2021 and they still think everyone uses Windows. Guess what... Windows market share is less than a third.

But should I use Windows at all?

Windows again.

OK, questions time. First in the test:

The simplistic children's villain narrative

So let me guess... "criminals" are the threat. Who would have guessed?

Did I learn something from this course? Absolutely nothing. But I got some giggles. Many millions of people are constantly subjected to this kind of propaganda, which sometimes seems more like marketing than actual education.

Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day