Comments on: Oh, lovely

By: Paddy

Paddy — Thu, 30 Jul 2009 16:24:00 +0000

@Linux crew

Linux is still only as secure as the person who configures and uses it. If you don’t know what you are doing, are unfamiliar with security principles and are unwilling to learn then it can be as wide open as any other operating system. Same for all OS’s, Windows does have holes, and these are patched, OSX has holes and are also patched (although less regularly?), if the operator DOES know what they are doing then there isn’t a problem.

By: The innocent won’t have anything to worry about – Counting Cats in Zanzibar

Sun, 01 Feb 2009 11:30:22 +0000

[...] enemies of everyone who believe in the principles he fought for. She points out a posting over on Timmys site, highlighting another, just another, act of contempt for all people by the bastards who rule [...]

By: eurealist.co.uk » Blog Archive » Check your firewalls, people

eurealist.co.uk » Blog Archive » Check your firewalls, people — Fri, 09 Jan 2009 06:51:10 +0000

[...] Via Timmy, I see that our real government has approved yet more disgustingly illiberal powers for the police. THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant. [...]

By: Denny, Alaska

Denny, Alaska — Wed, 07 Jan 2009 01:35:00 +0000

Come on: those of you who support the EU, what’s your response to this absurdity? You spend virtually this entire comment string detailing how to stop the sleuthing at your home computer. Aren’t you just the slightest bit concerned about your loss of liberties?

By: Official spyware? « DaTechguy’s Blog

Official spyware? « DaTechguy’s Blog — Wed, 07 Jan 2009 00:41:09 +0000

[...] has been a lot of loose talk over the years of civil liberties being eroded but this looks like the real thing: THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack [...]

By: Roger Thornhill

Roger Thornhill — Mon, 05 Jan 2009 18:09:16 +0000

When Ubuntu can outlast OpenVMS, then I will take notice.

I hope that Apple supports Itanium in the future for their Mac Pros, then I might be able to load up OpenVMS for some utterly bullet-proof operations.

Until then, I am downloading Ubuntu.

By: EU Authorise Police Hacking into your PC « Al Jahom’s Final Word

EU Authorise Police Hacking into your PC « Al Jahom’s Final Word — Mon, 05 Jan 2009 17:15:50 +0000

[...] http://timworstall.com/2009/01/04/oh-lovely/ [...]

By: David G

David G — Mon, 05 Jan 2009 13:47:39 +0000

Whilst I take all the above precautions anyway I have a question : IF they can read my disk, they can write to it. How are they going to explain the provenance of any data they find if they try to use it in evidence ? One assumes that this kind of covert hack will be used to evidence gather as a pre-cursor to getting a warrant to take the computer away for forensic examination (where there are very strict rules about maintaining the chain of evidence). Surely the act of reading my HD will make all of the above inadmissible ?

By: keith

keith — Mon, 05 Jan 2009 12:34:18 +0000

@mandrill
This is maybe what you were thinking of…

http://www.theregister.co.uk/2008/03/29/ubuntu_left_standing/

By: mandrill

mandrill — Mon, 05 Jan 2009 11:28:38 +0000

Ian B, If I remember correctly the annual hackers conference challenges all comers to hack (i.e compromise the security of) the major OS’s. Last year OSX took less than 30 seconds to fold, with XP and Vista close behind. Ubuntu was still standing strong when the conference finished. I can’t seem to find a reference to this on the webs, though I do remember reading about it at the time. If anyone else can find a link, I’d be grateful if you passed it on.

If you want to keep the cops from looking at your HDD use Linux, OpenBSD, Solaris, or BeOS. Open Source is generally far more secure than proprietory, closed source operating systems, more often than not because its prgogrammed and maintained by very skilled and motivated people, some of whom will either have been, or are hackers themselves and so know all the tricks.

By: keith

keith — Mon, 05 Jan 2009 09:32:07 +0000

Disk encryption like PGP is only effective against “cold” attacks where someone takes your computer and tries to read its contents. Once you’ve powered up your PC and typed in the decrypt key to access your disk the malware also gets access.

If you’re really paranoid, then use a Linux Live CD (e.g. Knoppix) and store your data on an encrypted USB drive mounted with “no execute” permission. Your online banking will then be completely safe from software keyloggers & trojans. All you then have to worry about are hardware keyloggers, traffic sniffing and the security of your banks systems…

Oh b******r it, I think I’ll go back to slate & chalk.

By: Även polisen kommer att kunna hacka sig in i din PC genom IPRED lagen

Även polisen kommer att kunna hacka sig in i din PC genom IPRED lagen — Mon, 05 Jan 2009 08:18:27 +0000

[...] lite i smyg för att inte störa allmänheten. Effekterna blir omfattande säger Tim Worstall i sin blogg. Utan domstolsbeslut kan polisen eller M15 hacka sig in och hämta vilka uppgifter de [...]

By: Michael Taylor

Michael Taylor — Mon, 05 Jan 2009 07:19:18 +0000

Does installing PGP whole disk encryption sort this one out?

By: David

David — Mon, 05 Jan 2009 00:59:10 +0000

Thank God there are people who look out for others.

By: Roger Thornhill

Roger Thornhill — Sun, 04 Jan 2009 21:44:33 +0000

I’d like to see a comment by one of those federastic Labour jockeys who scoffed at getting 1984.

I think my MP needs a reminder…

By: Ian B

Ian B — Sun, 04 Jan 2009 21:36:53 +0000

Keith, I’d say that if a bluehat (haha!) hacker can see what OS you’re using, you’ve already lost the battle.

By: keith

keith — Sun, 04 Jan 2009 21:33:26 +0000

All wifi is suspect! WEP can be cracked in minutes with suitable software (aircrack-ng). WPA has an exploitable flaw. WPA2 can be brute forced cracked in reasonable times using accelerated hardware (PC graphics cards turn out to be very good at the type of bulk calculation required) – google Elcomsoft.

Powerline ethernet broadcasts your traffic over mains electricity cables and can be seen outside your premises.

MS-Windows has more holes than a Swiss cheese. You’ve only got to look at the constant stream of patches from MS and virus scanner updates to see how bad.

Mac & Linux are better but by no means perfect.

EM radiation from screens and keyboards can be pick up by suitable receivers.

“Is there any way we can protect our pcs against this?”

You can make life harder for hackers (black or white) by using Mac/Linux, encrypted disks, VPNs and wired networks but the bottom line is you cannot stop anybody with sufficient motivation and resource.

By: Kay Tie

Kay Tie — Sun, 04 Jan 2009 18:32:12 +0000

“don’t use WiFi unless you’re confident as to the security aspects”

I can recommend the new generation of power-line ethernet adapters. They plug into a mains socket, require no software, no Windows driver faff, and just work. Bit of a pain for laptops, but for desktops, printers, etc. they are great.

By: Ian B

Ian B — Sun, 04 Jan 2009 17:52:36 +0000

Use a router with a good hardware firewall, don’t use WiFi unless you’re confident as to the security aspects or having nothing you’d prefer to remain private on your PC, don’t share drives with sensitive information on them, wear two pairs of underpants at all times.

By: Kay Tie

Kay Tie — Sun, 04 Jan 2009 15:16:19 +0000

“Is there any way we can protect our pcs against this?”

Of course. Make sure you have WPA encryption on your wifi router, not WEP. Make sure your OS is kept up-to-date. And use a Mac where possible.

I don’t expect the police to have any better hacking abilities than the malware community, who make a lot of money from phishing, botnets, etc. They have a lot more incentive than an employee of plod or even a software vendor to the Home Office (not that this will restrain the vendors in offering magic solutions to the Home Office).

The most effective technique, and one that is hard to resist, is where the police break in to your house and insert keyboard logger hardware into your machine. But I believe they still need a search warrant to do that.