Bonum Certa Men Certa

This Remembrance Sunday We Must Also Remember That Some 'Security Companies' Want More Cyberwar

posted by Roy Schestowitz on Nov 09, 2024

Richard M. Stallman

Remembrance Sunday 2024: Manchester to commemorate our Armed Forces

Remember the young(er) Richard Stallman? Around the time I was born he was working to eliminate computer passwords. No, not breaking into accounts, just making passwords obsolete. His underlying rationale (or his personal motivation) was, passwords would not serve security but ultimately partition computers and keep some people out of necessary access, sometimes for immoral business reasons. The goal was to make hacks like, empty passwords or trivial passwords would let you in, bypassing the demands otherwise imposed by nontechnical bureaucrats.

One can find videos about it. In 1986 he said: "I use my login name as my password." Wikipedia said: "Stallman found a way to decrypt the passwords and sent users messages containing their decoded password, with a suggestion to change it to the empty string (that is, no password) instead, to re-enable anonymous access to the systems. Around 20% of the users followed his advice at the time, although passwords ultimately prevailed. Stallman boasted of the success of his campaign for many years afterward."

Security and access control aren't the same thing, albeit the concepts aren't entirely unrelated. If I let my wife access my computers (and vice versa), for instance, that's possibly an access control problem, but I trust her with my computers, so it's not a security problem and I never lock my screens. It would be futile and self-defeating to lock the screens. It might do more harm than good in case of emergencies. Trust and access control aren't the same concept. In the same vein, we share house keys with other people, sometimes even neighbours who possess "spares". Whether it's Alice and Bob or Roy and Rianne, the idea that people share some accounts isn't an aberration.

Looking at the bigger picture, should we accept the vision of universal back doors as a model of "national security"? That's pretty much what we have right now and therefore the World Wars aren't just kinetic anymore. Hospitals don't need to be bombed or shelled; British hospitals can be destroyed from a distant North Korea without a single ICBM, only Microsoft Windows.

Remembrance Day/Sunday is fast approaching, so I wanted to say a few words, as well as recommend (again) "After Cyberwar" - the latest article by Dr. Andy Farnell, a man whom my wife and I - not to mention Techrights associates - grew fond of because of his writings (he last published here yesterday).

Under the section "Blame games" Andy said: "The same is true for civilians in a war zone. They do not care whose missiles just landed on their farm. Their lot is no better for knowing they were "friendly" ones, or that they were the victim of "necessity" to drive out an enemy."

A few hours ago I said: "We need to reject headlines that say Iran or North Korea or China or Russia compromised some system and instead ask what it was that let them break in. Whose fault was it? Why were holes present? Very often it turns out to have been Microsoft's fault, but the mainstream media stops short of saying that or does not even bother to investigate the real cause (culprit). Headlines that blame Putin and Kim probably attract more clicks and offer political fodder."

The blame game or "attribution" spiel/ritual does not matter much to the so-called "civilians", which in the case of technology means ordinary users who don't dwell in datacentres, deploy code/programs, and write code.

Let's change the attitude we have towards computer security and security journalism. A lot of so-called 'journalism' in this domain is utter trash (example from days ago and another from a few weeks ago). We recently blacklisted some sites that claim to cover security issues because their quality and integrity had been long gone. They'd post obvious lies and peddle "snake-oil" for companies that don't purse security and instead seek to profit from insecurity.

Our goal, overall, should be real security, not ongoing (and prolonged) war. Some companies profit from the cyberwar; hence, their objective is not to end the war.

Other Recent Techrights' Posts

Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
 
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024