Okay, so it’s all over the technology news sites, but maybe you don’t read them:
Even Boing Boing
In essence, someone got hold of the source code for one of the NSA’s snoop and scoop programs, and the source code itself clearly states that vanilla sites like Linux Journal are “extremist.” Is this some kind of satire? Well, the NSA shitheads are not normal people. You can’t take them seriously, except they do like to send the armed goons for some of the most frivolous reasons.
I tried using Windows 7 again for a couple of months, but it kept using more and more power to do things I didn’t want it to do, meanwhile failing to do things I did want. I finally got tired of the excess heat coming off my system and took it back to Debian Wheezy. That was a few weeks ago. It’s not as if I believe the NSA can’t plant their software on my system; they can, though not nearly so easily as with Windows. However, my concern was not keeping them out so much as the excess power use and having some control over what my system does.
So that makes me an extremist. You can’t make this stuff up.
Do you think we should tell the NSA that Tor is a standard package you can install from the official Debian software collection?
If you are considering migrating from Windows to Linux, how about OpenSUSE?
OpenSUSE is the free version of SUSE Linux. It is not all that well known in the US; it’s based in Germany. Among Linux users, it’s generally considered unorthodox because the company has contracts with Microsoft (AKA “The Borg”). Oddly, MS sold more SUSE licenses than almost any other vendor, despite being pretty darned expensive. It was also one of my first exposures to Linux back before the turn of the Millennium.
This is not your hobby Linux. Yet it is much more user friendly than Red Hat and the clones. It’s friendly in the sense that it will save you a lot of heartache if you don’t really need Linux, per se, but simply an escape from Windows for whatever reason. The default KDE desktop is lighter and faster than Win7 on the same hardware, but I suspect it wouldn’t make you all that happy on XP-grade hardware. Instead, it has one of the widest selection of hardware drivers, and these are generally much better integrated than in other brands of Linux. SUSE also tends to automate things rather like Windows does.
So it’s a very good path migrating from Windows if your motives don’t include adopting the semi-religious devotion to the sacred path of Open Source. However, it can be almost as much work as Windows has gotten to be, and it can be cranky in its own right. You won’t do this just for fun; you should possess at least a power user background in computers or get someone experienced to hold your hand. There are some parts of it that simply aren’t ready for the GUI, and requires some commandline-foo. On the other hand, it’s very work-oriented and the configuration tool (called “YaST”) is one of the easiest ways of configuring obscure stuff, including servers, for Linux.
Once you get used to the SUSE way of things, it’s pretty easy to maintain. As you might expect, the primary advantage making it worthwhile is all the security of Linux with far fewer long-term hassles.
Yours truly isn’t in the mood to write up a hand-holding guide right now. If you can install Win7 by yourself, you are smart enough to handle OpenSUSE. One of the main problems is a portion of the defaults aren’t what most Windows users would like. It makes dual-booting between Windows and SUSE easy, but if you want it take the whole hard drive, you’ll have to poke around awhile during installation. I highly recommend you don’t accept the default of creating a separate HOME partition. While the separate partitions make it easy to migrate up to the next version, the installer makes it very hard to give the other (root) partition enough space to be useful.
Another difficulty is that the installer offered no way I could see to check for updates during the installation. You’ll be saddled with a huge collection of updates as soon as you get logged into your desktop. The GUI for this can be a little confusing, throwing conflicting warnings at you. It’s one of the few things very poorly executed. You also may not like the default desktop decorations, because it tends to limit the options. Once you get past the initial hurdles, things get much smoother.
For example, SUSE has one of the smartest firewalls available. It’s default KDE desktop is very easy to configure and most system controls are very well integrated. I frankly recommend you avoid using non-standard repositories. The fonts aren’t as good as Linux can do, but good enough. The default licensed codecs are likely to cover most of your multimedia needs. You can get Adobe’s Flashplayer if you need it. Most of the standard stuff is good enough.
Some very large European organizations, like the municipal offices of Munich, have switched wholesale over to SUSE and things are good for them. It’s worth investigating, but only if you are serious and you don’t actively hate MS. It’s still one of my favorite brands of Linux on some hardware.
Update: Here is an installation walk-through.
Most of you will recognize the term malvertising. It’s a technique for infecting computers with malware by using the advertising feeds found on most websites. Similar with the way TV in the US is funded by advertising, this blog is also supported by advertising because I can’t afford to pay for it. That is, the agreement I make with WordPress is that they get to run advertising on my blog posts because I’m not paying them anything.
The problem is how those ads are delivered. You would routinely find an ad on a page had passed through three or more servers before it displays in your browser. The rights to post those ads are traded in many different ways. Too often, when someone pays the fees, nobody wants to ask any questions. By the time it gets to your computer, it could be the software equivalent to a nuclear device. The issue here is that advertisers never did have morals in the first place. They aren’t willing to rob people directly because it’s no fun and it’s risky. However, it makes them feel like a big stud if their skills and artistry brings in the customers. There is no trick they won’t use, and the laws are simply advisory in their minds.
There is nothing immoral about blocking advertising on the Internet. You aren’t stealing content; the advertisers are stealing your computer resources and flagrantly refusing to deal with the risk factors. Pitchmen are slimy as a whole, and the good guys are so rare we can’t find them. All of them claim they are the finest specimens of humanity, which is part of their lying sales pitch. A rare counter example is the Google text ads; simple information about the existence of a product is not a sin. How Google tries so damned hard to manipulate you by snooping on the content of your searches and your communications is a sin.
Few Internet users will go the lengths I do for computer security. I keep track of how this stuff works as part of my computer tech support ministry. I read about it every day. What follows are some suggestions based on what I’ve tried for myself.
Learn about browser extensions: Ghostery, Adblock, Click & Clean, and tools like Bleachbit or CCleaner. Learn where they are and bookmark them.
Select your browser carefully. Use more than one for different purposes. I use Seamonkey to protect my important logins. You’d need to explore the features and settings possible to understand why. It comes with a host of extensions the same as Firefox, but offers far more fine-grained user control.
I use one browser only for Facebook (Opera’s newest line of WebKit browsers) with the appropriate extensions. I chase links from FB using the “private browser window” (right-click on the link) option to prevent FB from planting tracking in that window, and to ensure that window dumps all cache when I close it.
I use the latest Opera Mail client for email on my desktop because it imported everything from my long-term email usage of the older Opera browser’s built-in email client over the years. It also has a collection of safety options, such as blocking graphics and fancy formatting by default. It also imports settings and mail across different operating systems with ease.
If you really like Google’s Chrome browser, learn how to add the adblocking extensions and learn about the advanced settings that allow you some measure of control. They are not turned on by default. Also learn how to use additional profiles to isolate one kind of surfing activity from another. You should at a minimum set up a separate profile for Facebook, which remains today the single biggest threat to privacy and personal security because almost everybody uses it. This makes it a juicy fat target rich with victims for whatever evil schemes any corporation or government agency can dream up. And the folks who run FB are all too eager to help them.
Learn to use Lynx browser. There are instructions on older posts here how to install a version for Windows and some of the settings you’ll need to make. For my own use, I prefer to pull it up in Cygwin, a set of tools that give you Linux/Unix on your Windows computer. While some sites will block the Lynx browser based on obsolete assumptions that it’s a hacking tool, it’s still the best way to get textual content with far less hassle and risk. Once you get used to how it renders pages, you can quickly find information you seek.
Install CryptoPrevent on your Windows computer; it will save you a great deal of heartache in the long run. It blocks malware trying to launch and install from your browser cache.
The single biggest change is inside your own head. If the Internet for you is all about entertainment and multimedia content, and more particularly gaming, you will always be at high risk. Porn-surfing is easily the highest risk behavior on the Net. I’m not telling you those pursuits are evil at this point, only that they are inextricably linked with exposure to malware. The predators who make that evil software are counting on your desire for zeal for such pursuits to hinder your risk awareness. Those pursuits are the essence of advertising, trying to sucker you into something you really want in exchange for a measure of slavery.
My blog is littered with more details on how to do some of this stuff. Use the search box built into the blog interface. The main point to remember is that, with advertisers being so rapaciously irresponsible about filtering out malvertising, you have every right to block their crap until they clean up their act. You shouldn’t expect that too soon.
It drove me crazy.
Yes, I am competent to make it work for most things, but some issues were just too much trouble. Keep in mind that when RHEL 6 (followed by the clones like CentOS) came out, it was capable of handling XP hardware and some early Vista stuff. Try installing it as a desktop on a Win7 machine and you will suffer. Things keep breaking because the drivers don’t match the hardware quite well enough.
The desktop machine was given to me needing repair from a law office that had closed. Turns out it was still under warranty but only to a company no longer in existence. It came with Win7 Pro but I never could get along with that once I fixed it. So I’ve run several different things, but I keep coming back to Debian Wheezy because it’s the most sane. For sure CentOS 6 was just not up to it.
So I’ve finished the tutorial and it will be my next book in a few days. It’s just fine for SOHO stuff on older XP machines, but I am not doing SOHO stuff, nor do I have any old machines like that. And CentOS is pretty corporate straight-laced and no fun.
Today is one of those rare bad knee days. The right knee was rebuilt at the VA back in the mid-1990s and they called it a Fulkerson Osteotomy. For awhile they left the screws in place but eventually they went back in after them. This was for the knee trouble that ended my military career. The left knee can’t be improved by surgery, but it bothers me far less in the first place. You can’t see it when things flare up on the right, but I can sure feel it. It is generally uncomfortable and then at random intervals less than a minute apart, it twinges and hurts bad enough to make me cringe. The pain generally reflects simply doing too much of the wrong kind of activity, but it’s hard to pick out exactly what was the excess. It’s capricious.
But it’s not a matter of whining, because it offers the excuse to sit and do little or nothing for as long as it lasts. So long as I’m not hurting so bad I simply have to lie down and moan — I’ve done that a few times over the years — I can still do some writing.
I’m completely out of the mode for pastoral writing the past few days. No brilliant spiritual insights and no fiction stirring in my soul. I’m just working on an update of my old “RHEL for the Clueless” series, but making it fit the latest version of CentOS (a clone of RHEL). The whole selling point is that this is corporate grade Linux for the SOHO and it runs on XP machines just fine. It should be supported and working fine until around 2020. It’s not the answer from Heaven, just an option for folks who can’t afford a bunch of money for upgrades. This particular brand of Linux is very popular in the corporate world.
If you have questions to ask, this is a good time to do it.
I’m downloading it using BitTorrent right now. The update was put up sometime today. I went out for a long bike ride and it was waiting when I got back. If you want your copy, go here. This is the final beta release before it goes gold sometime next month. From what I’ve read, I anticipate there won’t be massive updates after you install this one. They are treating it like an RC (release candidate).
In times past I was all puppy dog on this stuff, wagging my tail with anticipation as I downloaded the latest gee-whiz ISO of this or that. And then most of the time it would be some huge disappointment. Once or twice something I installed on whatever system I had at the time was actually worth keeping. Some examples would be old Red Hat 6.3 and 7.3, SuSE 8.2, RHEL 6, and Debian Etch. Those were the highlights in some twenty years of messing with Linux.
After some rough patches in those days, I might spend some time running Windows instead. I still think Win2K was some of the best technology for its time. Did you know there is a handful of serious developers trying to keep it alive? They are gathering snippets of code to fix genuine security risks and major bug fixes and trying to keep it viable. You can still get a version of Opera to work on it, and at least one AV vendor keeps updating the definitions for a version that works on it. I expect the unofficial updates for XP to have an even bigger effort keeping it alive.
So unless Canonical does something totally stupid, this may well be one of the best releases in a long time. Since they dropped official support for Kubuntu some time ago, I think it has really made life better. That is, I don’t have to fight with the stuff they ram down the throat of Ubuntu users. The folks who repackage it with the K Desktop are free to leave out the junk. I’m not wagging my tail, but I have some tentative hopes this will be one of the good ones, coming at just the right time to help me migrate a bunch of XP refugees over to something genuinely better.
If you have any doubts about keeping Windows on your system, this is a really good time to consider Kubuntu.