EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

09.12.20

When Debian’s Focus on Witch-hunts Overlooks Critical Infrastructure

Posted in Debian, Security at 8:54 am by Guest Editorial Team

Reprinted with permission from Debian Community News

In April 2020, we notice that Steve Greenland was removed from the Debian keyring.

Joerg Jaspert, Debian, abuse, cyberbullying, german, pgp, keyring, dam, steve greenwood, cancer

We went looking for details. Was he expelled, was it political? Was it based on falsified evidence, the way Debian Account Manager Enrico Zini falsified harassment claims against Jacob Appelbaum?

In fact, Steve Greenland died of cancer in July 2009. He was still on the Debian keyring up to 2020 because the Debian Account Managers (DAMs) were too busy playing politics. They were making up false evidence to remove political opponents but it never occurred to them that Greenland’s computers, with his PGP keys, would have been acquired by relatives or even sold on eBay.

Steve Greenland, death, cancer, Debian keyring

Anybody who obtains the PGP key of a Debian Developer is able to modify and upload a new version of any package in the Debian archive.

Greenland’s key could have been used by somebody else in the project to vote twice in controversial ballots, such as those regarding systemd and the Code of Conduct.

This risk was in the Debian keyring for 11 years, longer than the two years that Debian had a vulnerability in the OpenSSL / OpenSSH key generation due to a rogue patch by a volunteer.

This incident demonstrates the extent to which Debian’s toxic culture is a threat to the security of all users and not just the volunteers who have died in the middle of blackmail experiments.

Enrico Zini, Debian, Falsified harassment claims, Jacob Appelbaum, Perjury

08.25.20

[Meme] Sometimes It’s Smarter to be ‘Dumb’

Posted in BSD, GNU/Linux, Security at 8:38 am by Dr. Roy Schestowitz

In yesterday’s news: “Consumer Reports Study Shows Many ‘Smart’ Doorbells Are Dumb, Lack Basic Security”

COVID-19 masks: Linux/BSD Security, Proprietary Software

Summary: Just having devices that are based on BSD (UNIX) and “Linux” (GNU) isn’t enough for security, especially if the underlying software is secret and ports are left open, passwords unchanged etc.

08.21.20

[Meme] NSA Loves Windows… Especially When Not Patched for Years

Posted in GNU/Linux, Microsoft, Security, Windows at 2:05 pm by Dr. Roy Schestowitz

Smart and stupid: GNU/Linux Firewall, Windows back doors

Summary: Nothing has really changed since the Snowden NSA leaks, which revealed back doors in everything from Microsoft, including Windows; Microsoft only ever pretends to value real security

08.14.20

Ars Technica, ZDNet and Bleeping Nonsense Still Misreporting to Blame ‘Linux’ for Malware One Can Merely Add to Linux (Distracting From Systems With Back Doors, Such as Windows)

Posted in Deception, FUD, GNU/Linux, Microsoft, Security, Windows at 6:07 am by Dr. Roy Schestowitz

“Doctor, it hurts me when I do this.” Doctor: “so don’t do this.” Corporate media: “If you install malicious software or never patch, bad things can happen.” Geek: “I patch my systems and don’t install random stuff from dodgy Web sites.”

FBI/NSA report

Summary: A revised (spun) ‘report’ that we alluded to last night is spreading to more sites today or overnight; but it’s totally distorting the situation to make “Linux” seem a lot more dangerous than it really is

THE ‘news’ about “Linux” is always full of noise and FUD. Some of that comes from Microsoft front groups and Microsoft-connected publishers. That’s nothing new; it has been going on for well over a decade.

So we took a quick look at the original report [PDF] some chronic (serial) liars now allude to, assuming it’s that usual FUD where something one can add to Linux is portrayed as a problem with “Linux” itself (that’s like calling a hole in Photoshop a “Windows” bug).

“We’re omitting the links, but it definitely started with ZDNet, which also previously sought to associate Linux with terrorism, based on a distorted and cherry-picked government report that named “Gentoo” somewhere along the lines.”So while FBI, NSA etc. are themselves putting back doors in all things Microsoft here they are warning about “Russia” because it is possible, on an already-compromised system, to sort of rootkit everything (as one can expect; that’s a universal weakness and prevention framework exists, not only mitigation).

They suggest using a kernel not older than 3.7 (which is already very old).

The noise has already come from Microsoft Peter’s (pedophile) Ars Technica, Bleeping Computer and Bleeping Computer’s troll whom ZDNet hired. We’re omitting the links, but it definitely started with ZDNet, which also previously sought to associate Linux with terrorism, based on a distorted and cherry-picked government report that named “Gentoo” somewhere along the lines.

“As for ZDNet, its hire from Bleeping Computer (choice of a notorious drama queen, even prior to the hire) said a lot about ZDNet’s own agenda. The motivations are surface-deep.”Trashy media isn’t a new problem; the fact that Ars Technica had its “Open Source” section run solely by a Microsoft pedophile (until his arrest) speaks volumes, as does the fact that Mr. Goodin (Ars Technica) got sued for defamation for his inaccurate click-bait. As for ZDNet, its hire from Bleeping Computer (choice of a notorious drama queen, even prior to the hire) said a lot about ZDNet’s own agenda. The motivations are surface-deep.

Bleeping Computer? Bleeping nonsense! To hell with so-called ‘journalists’ who instead of showing people the actual report (screenshot above) come up with headlines such as “NSA and FBI warn that new Linux malware threatens national security” (by Mr. Goodin).

Ars Technica is owned by the same company that runs Reddit (where Microsoft critics are heavily censored), controls the site that caused Linus Torvalds to be temporarily ‘ousted’ from his own project, and repeatedly defamed Dr. Richard Stallman, egging on the online lynch mob.”We’d rather focus on patent threats and European Patent Office corruption, but lately there has been a rise in FUD against GNU/Linux, which means that some wealthy and well-connected people are growingly afraid of it (IIS is dying). They weaponise the media. They pay that same media. The editor of Ars Technica UK admitted to me that Microsoft wasn’t just the key advertiser but somewhat of a co-founder in the sponsorship sense. Ars Technica is owned by the same company that runs Reddit (where Microsoft critics are heavily censored), controls the site that caused Linus Torvalds to be temporarily ‘ousted’ from his own project, and repeatedly defamed Dr. Richard Stallman, egging on the online lynch mob.

Never forget what Microsoft did to Softpedia just months ago. It is another common vector of FUD, run single-handedly by a self-professed fan of Steve Ballmer. Microsoft, a very close ally of Donald Trump, plays dirty. We cannot just ignore all the FUD.

Update: Now it’s all over the place with needlessly alarming headlines:

Russia/Linux

07.30.20

[Meme] It Was Only a Matter of Time All Along

Posted in GNU/Linux, Kernel, Microsoft, Red Hat, Security, Servers at 10:25 pm by Dr. Roy Schestowitz

Kamen Rider Build Banjou Ryuga: Hold it right there! Told ya!

Summary: Taking boot level control away from computer users was a bad idea all along; giving Microsoft control over Linux booting was the icing on the cake (having to ask Microsoft for certificate/permission), not to mention an FSF award for it

Karma or Hubris? Is #TorvaldsWasRight a Thing Now?

Posted in GNU/Linux, Kernel, Microsoft, Red Hat, Security, Servers at 8:58 pm by Dr. Roy Schestowitz

This is why perceived ‘rudeness’ is sometimes necessary and well deserved

Red Hat won't boot
As widely reported right about now

Summary: Techrights did not forget how UEFI ‘secure’ boot came into kernel space (see the below); This proposal came from Red Hat and then foisted/pushed onto Linus Torvalds by at least 3 Red Hat employees (the mainstream media blasted Torvalds for his response to this ‘offensive’ technical move by Red Hat, helping Intel and Microsoft control silicon at CA level)
Red Hat UEFI push

Red Hat UEFI push

Red Hat UEFI push

Red Hat UEFI push

Red Hat UEFI push

UEFI ‘Secure Boot’ is Just a Security Mess, as Techrights Predicted All Along, and FSF Should Not Have Given That Award

Posted in FSF, IBM, Microsoft, Red Hat, Security at 4:20 am by Dr. Roy Schestowitz

Related: My Disagreement With the FSF Over UEFI ‘Secure Boot’ (2014)

UEFI award
Award for UEFI? Why? He now works for Google by the way.

FSF sponsors 2014
FSF sponsors at the time. Bidding war for bias/self-censorship?

Summary: We’ve long wondered why the FSF issued an award for an UEFI ‘secure boot’ facilitator working for Red Hat as even Linus Torvalds strongly objected to have Linux booting subjected to permission from Microsoft (he issued a very strongly worded objection with sexual metaphors) for no gain, not even security gain as ‘BootHole’ once again shows

07.29.20

‘Clickbait Star’ ZDNet Does Not Know the Difference Between Linux and Docker Misconfiguration

Posted in Deception, FUD, GNU/Linux, Security at 1:25 am by Dr. Roy Schestowitz

Irrfan Khan - Drake - Hotline approves: Badmouthing 'Linux'; Actually, this isn't about Linux

Summary: Another ‘own goal’ for the world’s worst ‘tech’ site, which spreads fear based on misunderstandings and misinformation (anything for clicks and to help push their sponsor, Microsoft)

« Previous entries Next Page » Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts