SoylentNews is people
SoylentNews
Red Hat employee Daniel J. Walsh writes via OpenSource.com
When I was young, Paul Simon released his hit song, 50 Ways to Leave Your Lover. Inspired by this song, I've collected 50 ways sysadmins and laypeople can avoid getting hacked:
"Make a new plan, Stan"
[...]
6. Run applications in the SELinux Sandbox whenever possible--it was a container before containers were cool. Also follow the development of Flatpack, which soon should be developing sandboxing capabilities.7. Don't install or use Flash. Firefox no longer supports it, and hopefully most web servers are moving away from it.
[...]
"Just get yourself free"
[...]
19. [...] I don't do online banking on my phone--only on my Linux computer.
[...]
"Hop on the bus, Gus"21. Run Linux on your systems. When I first hooked my father up with a computer system, I barely got home before his system was infested with viruses. I returned and installed Linux on his system and he has been running it ever since.
[...]
"And get yourself free"
[...]
50. Set up a special guest network for all those Christmas IoT devices your kids receive. I love my Amazon Echo and automated lights and power switches ("Alexa, turn on the Christmas Lights"), but each one of these is a Linux operating system [whose manufacturer's configuration] has questionable security.
Do you take exception with anything he suggests. (Being a Red Hat guy, he is enthusiastic about systemd.) Can you think of something he missed?
(Score: 2) by jmorris on Monday January 09 2017, @08:54PM
Let me introduce you to a concept called "risk and reward" Encrypting my streaming music brings so close to zero reward than the very high cost totally swamps it. The reward of encrypting MOST of my routine web activity is almost zero. The sites themselves are the menace to privacy, NoScript, FlashBlock, Ghostery, etc. are of far greater benefit to my privacy than what my ISP may or may not be gleaning from snooping the traffic.
I encrypt the WiFi link because I must, had a neighbor do naughty things with the open access point; can't be nice in the $current_year. But there is a public AP at work that isn't encrypted (uses a captcha login page requiring an account) so I can compare the battery drain, it is significant, as I noted. Encryption is not even close to free, the cost must be weighted against the gain. Especially when battery power enters the equation. Btw, back to that open AP, yes it would make sense to be a lot more paranoid about traffic going through a public AP.
HTTPS for gmail or even solyent is a different risk/reward calculation. Not that I'm worried about the monitoring of content here, everything I post is for public consumption, it is the loss of the login info since it is hard to do a split http/https where the login is via https and everything else http without opening up huge holes. And even with gmail I am not worried about the content of my mail, if I were it sure as Hell wouldn't be in my gmail account because Google is the big risk. No, again it is the gmail account itself that needs the protection since that one username/password gets an attacker so much. Two factor, btw, should be considered mandatory the second you put any money near your google account. Too bad evolution's calendar goes effing insane when you do.
(Score: -1, Troll) by Anonymous Coward on Monday January 09 2017, @09:55PM
You catch more flies with honey than vinegar, you know.
Or to put it in language you can understand, you don't have to be a cock, you *choose* to be a cock, then other people choose to avoid you.