Bonum Certa Men Certa

Computing Security is Being Redefined as 'Controlled by NSA' (and Microsoft)

Video download link | md5sum cc6696c7257be46a08bd20b1ef1e58c4 Faking Security Again, Promoting Remote Control Creative Commons Attribution-No Derivative Works 4.0



Summary: The ascent of fake security or the concept that outsourcing trust to Pentagon-connected monopolies is the same as "security" [1, 2, 3] is a real problem because the mindset creeps into new legislation, in effect cementing monopolies and centralisation

THE Microsoft-connected shills, partly funded by Bill Gates himself, are having a go at Free software again, slandering or spreading FUD, as noted here. The talking points are based on old myths and stereotypes, so people from Red Hat (IBM) along with SJVN are rushing to respond.



"They're planning to mandate "secure" boot like browsers do with centralised/monopolised CAs."But to make matters much worse, it's part of a broader trend; they refer to Free software as "supply chain" and demonise it even when it's controlled by Microsoft and the NSA (shipping actual malware to GNU/Linux machines) and seems like fake security is being "mainstreamed" or "normalised". They want us to think that "self-signed" is inherently bad or dodgy, whereas Microsoft-controlled means safe. As Psydroid put it, in reference to this new article about "secure" boot in electric car chargers, "Microsoft controlling your car's security looks like a suicide mission to me. I don't mind them pushing this agenda; what is worse is that the alternatives are getting shoved aside; I mean, you can do whatever you want in your sandbox, but don't force it on everyone..."

They're planning to mandate "secure" boot like browsers do with centralised/monopolised CAs. While the article speaks specifically about the UK, "if these policies are broadly imposed even internationally," Psydroid notes, "we are in for some big problems."

It's part of an ongoing trend and it's also connected to the "smart" car series we recently did.

Here's what The Register says:

Electric car chargers will have to include secure boot and automatic network disconnection if unsigned software runs on the smart devices – but only from 2023, the British government has said.

New security requirements for smart chargers won't be enforced until the last day of this year, according to government papers reviewed by The Register.

While those changes are positive, and help protect against a deliberate cyber attack or a drive-by malware infection, the Electric Vehicles (Smart Charge Points) Regulations 2021, passed in December, gives industry a whole year before it has to meet the standards.

Schedule 1 of the regulations sets out the cybersecurity requirements new car chargers will have to meet and there's little to complain about there: secure boot; only running signed firmware; automatic checks for software updates; and a ban on "hard-coded security credentials."


Notice terms like "Smart Charge Points"; What's so smart about them? Who does this serve anyway? As noted in the video above, CIA tampering inside vehicles is a real thing, not just hearsay, based on leaks [1, 2] which motivated/urged the CIA to torture and then assassinate Julian Assange. These people don't care about security; it's all about domination over people.

Recent Techrights' Posts

Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
 
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024