Bonum Certa Men Certa

Nearly 40 Years Without Security Incidents

posted by Roy Schestowitz on Nov 03, 2024

Wires

LATER THIS week (on Thursday) this site turns 18 and we've already bought some party kits for the sister site's 21st anniversary. Next year the combined age - the age of both sites - will be 40. Over the years the sites ran Gentoo, Debian, CentOS, and Alpine.

In all this time we've never suffered a breach (security incidents) and since upgrading to Debian 12 we've hardly had to endure DDOS attacks. Aside from increased capacity owing to static pages replacing WordPress, Drupal, and MediaWiki, there are also some firewalling mechanisms that obstruct abusive bots and botnets.

Speaking for myself, I never ever had security incidents on my desktops/laptops. In my childhood, way back in the DOS days, there would be the occasional "rogue" floppy disk with a virus on it, but that predates the Web and viruses could not pass from one computer to another wirelessly or over a network cable (which most homes did not have at the time). As this predated hard-drives (for most people), a virus would be hard to transmit from one program to another (except RAM) and many boiled down to pranks, not ransom, extensive data loss, or permanently damaged hardware.

People who use Windows have come to sort of "accept" that security incidents are part of life or "normal". Disaster is always "imminent" and "unavoidable" (inevitable). At my last employer we saw clients' systems suffering security incidents (reasons varied), as did the last university I worked for. GNU/Linux isn't invulnerable to 'Windowsheads' assigned to manage it. Yes, a common pattern was neglect and mismanagement; misconfiguration was one symptom. One client put JBoss on Windows. Yes, Windows!! All the other machines (back end) ran GNU/Linux. This boiled down to an old technician (in his 60s) who used Microsoft for everything, even for his E-mail!

People who know how to run GNU/Linux (and not just reboot any time something goes wrong) can use it safely for many years. In my case, my two primary laptops have already had a combined uptime of 700+ days. And yes, those are safe. The world-facing (e.g. over SSH) machine is fully patched and was last rebooted (for a new kernel) about a week ago. It runs Debian 12.

The Microsoft-funded (e.g. by "ads") media likes to claim that "Linux" is not secure, but it often boils down to GPL violations or appliances/servers running Linux (or other key packages) that's years out of date while connected to the Net, sometimes needlessly. Not every machine needs to be accessible by anyone on the Net; or facilitate printing by every/any random IP address, even from North Korea.

3 years ago Dr. Andy Farnell said that "We Can't Teach Cybersecurity" in today's universities. He explained that real security practices are verboten or ridiculed, whereas snake-oil and charlatans take their place. Revisit what he wrote this past summer about "Clown Computing". This issue isn't limited to Microsoft, even if Microsoft remains the "worst of breed".

Other Recent Techrights' Posts

The Corrupt Lecture the Non-Corrupt - Part X - Deliberately Violate European Patent Convention (EPC), Tolerate Cocaine Use in Management, Hide That From Staff and Stakeholders
The "Alicante Mafia" (as staff calls it) is a disgrace to Europe
Apparently Last Day for Nearly 1,000 Confluent Workers IBM Laid Off Last Month
IBM is a dying company pretending to be strong because of its age
In Past 6 Months IBM Lost About 100 Billion Dollars in 'Value' While Debt Ballooned to 70 Billion Dollars
Welcome to a universe of fake finances and phony accounting based on fictional assets with made-up 'worth'
If We Move Everything to Devuan...
IRC, Git, Apache and so on
Campinos is a Lame Duck President This Year at the European Patent Office (EPO)
The strikes are not ending. If anything, they intensify further.
 
(Trigger Warning) Jeremy Bicha & Debian-Edu, TecKids, Ubuntu incest scandal at DebConf25
Reprinted with permission from Daniel Pocock
Upgrade Successful
we had a downtime of only 1-2 minutes overall (for two reboots)
Links 30/04/2026: Slop Industry Cannot Keep Up With Bills, "The World Is Getting Too Hot to Feed Itself"
Links for the day
Then Come the DDoS Attacks
Is someone trying to 'kill' Techrights?
The Register MS Running Spam Pieces for Huawei, a Banned Company
Money does not excuse bad behaviour
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 29, 2026
IRC logs for Wednesday, April 29, 2026
Gemini Links 30/04/2026: Outdoor Time, Old Computers, and Joining Geminispace
Links for the day
Dr. Andy Farnell on Weaponising Morality Against Technofascism and Slop
It's longer than a "tweet", so social control media addicts are likely mentally unfit to read it
Six Months
Techrights will be around (and active) for a very long time to come
Why We Publish "The Corrupt Lecture the Non-Corrupt"
We intend to report the facts, fearlessly, until real and lasting solutions are reached
SLAPP Censorship - Part 61 Out of 200: Garrett and Graveley Must Understand That Reporting Women's Issues in the United States of America (“the US”) is Not Impermissible
when you cover Microsoft corruption and have real effect
Weeks After Mass Layoffs of Red Hat Engineers We Learn of European "Buyouts" and Layoffs at IBM
At Microsoft, they tell us there are merely "buyouts", but they don't tell us what happens if you say "no!"
OS Upgrade Tentatively Scheduled for Tomorrow
We have some contingencies in case the upgrade goes wrong
Links 29/04/2026: LLM Chatbot Usage Goes Down Sharply (as Do Stocks Associated With Them), Microsoft's Circular Financing Accounting Fraud at Risk
Links for the day
Gemini Links 29/04/2026: Returning to an Exodus and Farewell APU
Links for the day
Slop Has a Long Way to Go Before It Gets Basic Facts Right
Please do not rely on slop for anything
The Corrupt Lecture the Non-Corrupt - Part IX - European Patents That Are Illegal (But Serve Non-European Monopolists in Exchange for 'Quick Cash')
People who shamelessly violate the European Patent Convention (EPC) have the audacity to lecture workers on "ethics"
Canonical is Selling You, Ubuntu is a Data-Collecting Platform
Canonical is looking for money in the wrong places
Links 29/04/2026: "Snowden Affair 13 Years Later" and "Landmark Data Center Pause"
Links for the day
Seems Like Only Techrights Covered IBM Laying Off About 33% of Confluent Staff
How can such a large round of layoffs evade today's media?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 28, 2026
IRC logs for Tuesday, April 28, 2026
Gemini Links 29/04/2026: Bad Diet, New Middle Ages, and Temperature Model
Links for the day
IBM is Already Doing 'Voluntary' Layoffs This Year in Europe ('Buyouts' Ahead of Mass Layoffs)
IBM's efforts to hide or belittle layoffs is noteworthy
Tracing Back the Misuse of the Word "Buyout" to Describe Merciless Mass Layoffs
So we can assume very large Microsoft layoffs are on the way, this time not spun as "buyouts"
Growing the List of Sites That Are Rogue
It's very important to raise and spread awareness of which ones are fake
Links 28/04/2026: Uganda Criminalising ‘Foreign Agents’ and China’s Economy "Starts to Show Cracks"
Links for the day
Anthropic and Claude Are National Security Risks Not Because of Politics But False Marketing and Vandalism, Plagiarism Sold as Innovation
The slop hype is causing severe damage
Like GAFAM, US Telecom Industry Has Severe Debt Problem
Maybe their real problem is true profitability
Gemini Links 28/04/2026: Misfin, ELPiS, and Developing Another Gemini Client
Links for the day
US Government Sites See More Traffic From Apple Devices Than Microsoft Windows PCs
Keep this in mind when Microsoft talks about mass layoffs while calling these "buyouts"
Layoffs Versus Buyouts
Microsoft has mass layoffs and those target the most experienced people in one of the best-paid locations
Latest Example of False Marketing by Anthropic
Like Scam Altman, they're better at buying publicity (paying for hype) than they are at delivering something of genuine value [...] That has the full make-up of fake news and a publicity stunt
IBM: From RAs to "Workforce Re-balancing" (New Names for Mass Layoffs)
Well, "workforce re-balancing" means "RAs", which is a misleading acronym IBM has devised to soften if not hide mass layoffs.
Aaron Hillel Swartz Would Have Turned 40 This Year
Aaron Swartz killed himself in 2013
The Trumps Are Making Jimmy Kimmel More Famous and Popular
Comedy has long been "controversial", but trying to get people sacked for the 'wrong' joke results in having no comedians or only pseudo-comedians who are the dictator's jester/joker
Microsoft's Grip Has Slipped, Market Share Steadily Declining
This is why Microsoft is having financial issue
Links 28/04/2026: Microsoft's GitHub Upselling After Two Leaders Jumped Ship (Losses Pile Up), "Inflation Jumps," and More
Links for the day
SLAPP Censorship - Part 60 Out of 200: Talking About Corruption at Microsoft and Arrest for Strangulation is "Malice"
At the moment Brett Wilson LLP has no new clients
The Corrupt Lecture the Non-Corrupt - Part VIII - "Red Line" When the European Patent Office (EPO) President Sleeps With Sister of "Cocaine Communication Manager" (Whom He Unconditionally Protects)
If only management took its own words (idealistic pontification) seriously
IBM Laying Off Thousands of Workers Again, Based on Q1 Earnings Call
under the guise of "workforce rebalancing" we are again seeing that IBM plans to pay people (severance) to leave
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, April 27, 2026
IRC logs for Monday, April 27, 2026
Gemini Links 28/04/2026: Good Sunrise Viewing and Self-hosting from Home
Links for the day[1;5C