Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 9 submissions in the queue.

50 Ways to Avoid Getting Hacked in 2017

posted by on Monday January 09 2017, @10:05AM   Printer-friendly
from the belt-and-[suspenders|braces] dept.

-- OriginalOwner_ writes:

Red Hat employee Daniel J. Walsh writes via OpenSource.com

When I was young, Paul Simon released his hit song, 50 Ways to Leave Your Lover. Inspired by this song, I've collected 50 ways sysadmins and laypeople can avoid getting hacked:

"Make a new plan, Stan"
[...]
6. Run applications in the SELinux Sandbox whenever possible--it was a container before containers were cool. Also follow the development of Flatpack, which soon should be developing sandboxing capabilities.

7. Don't install or use Flash. Firefox no longer supports it, and hopefully most web servers are moving away from it.
[...]
"Just get yourself free"
[...]
19. [...] I don't do online banking on my phone--only on my Linux computer.
[...]
"Hop on the bus, Gus"

21. Run Linux on your systems. When I first hooked my father up with a computer system, I barely got home before his system was infested with viruses. I returned and installed Linux on his system and he has been running it ever since.
[...]
"And get yourself free"
[...]
50. Set up a special guest network for all those Christmas IoT devices your kids receive. I love my Amazon Echo and automated lights and power switches ("Alexa, turn on the Christmas Lights"), but each one of these is a Linux operating system [whose manufacturer's configuration] has questionable security.

Do you take exception with anything he suggests. (Being a Red Hat guy, he is enthusiastic about systemd.) Can you think of something he missed?

Original Submission

 
This discussion has been archived. No new comments can be posted.
50 Ways to Avoid Getting Hacked in 2017 | Log In/Create an Account | Top | 41 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Interesting) by SDRefugee on Monday January 09 2017, @05:22PM

    by SDRefugee (4477) on Monday January 09 2017, @05:22PM (#451520)

    I'm a retired sysadmin, did 20 years with Windows, but my first love being Linux. I've migrated quite a number of non-tech users to Linux (X/LUbuntu), the first ones being a couple who loved to click on EVERYthing and whose machines were bogged down with so much malware that
    it was best to nuke/repave, but they either never made or lost their recovery disks, and the machines in question were older P4s, with a max of
    2Gb of ram, thus were not good candidates for Win7. So I gave them a choice: New machine OR Linux.. I gave them a LiveCD and had them
    use it via live for a few days, and then asked them if they could live with it.. At first it was like "I guess if I have to" but after using it for a while
    both of them found they liked it better.. I've since done quite a few more simply by word of mouth. Ever since Win10 came out and folks are getting that on their new machines, and the word spreads about what a nightmare Windows 10 is with your privacy, I'm looking at starting a
    small side-business doing Linux migrations. These Linux installs are set up such that the daily user acct has no sudo perms. When the user wants
    to install a piece of s/w from the Ubuntu "store", they log out of their daily acct, login to an "install" acct which has sudo perms for the Ubuntu "store" only, and automatically logs them out after 30 min.. I have an acct on the system called "admin" with sudo perms and the password known only to me, Firefox and Chrome are sandboxed via "firejail", and has TeamviewerQS installed, as a few of these users are waay across town and a couple are in Illinois..

    --
    America should be proud of Edward Snowden, the hero, whether they know it or not..
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 0) by Anonymous Coward on Monday January 09 2017, @08:19PM

    by Anonymous Coward on Monday January 09 2017, @08:19PM (#451599)

    These Linux installs are set up such that the daily user acct has no sudo perms.

    Even the default install in *n?x requires the user to explicitly grant permission for a download/install to be runnable.
    This makes the notion of a drive-by infection quite foreign to users of Linux and its kin.

    In contrast, any app that hits a Windoze system is automatically executable.
    (I understand that MICROS~1 **finally** made auto-execute **not** the default for anything it found on plugged-in/inserted media.)
    N.B. Outside of extremely-locked-down kiosks, it's been a long time since I've used M$'s dreck, so perhaps something has changed radically in the permissions/security arena and I am unaware of that.

    firejail

    More folks need to be aware if that paradigm.
    Especially the folks who support the will-click-on-anything types.

    I gave them a LiveCD

    One of the coolest things ever devised.

    I'm looking at starting a small side-business doing Linux migrations

    Godspeed to you.

    .
    On my system (small-ish onscreen windows and large-ish fonts), the hard linebreaks that you have (seemingly randomly) inserted into sentences within your comment look odd.
    If you hit Control+PlusSign, a couple of times, you may see your stuff as some other folks do.

    The -lack- of -paragraph- breaks (double carriage returns) is also odd.
    For easier reading, the length of your comment deserves at least 2 of those IMO.

    -- OriginalOwner_ [soylentnews.org]