I was hoping something interesting would happen during the past few days, but I must have missed it.
We got one of those scam calls from someone claiming that our Windows computer was sending out bogus data, or something like that. You know, voices that tell you they are in some call center in Pakistan, India or some other similar place. My wife turned it over to me in case I wanted to have some fun. I told the fellow we didn’t run Windows, only Linux. He said he was switching me over to their Linux department but I hung up because I was too busy to test the idiocy of the caller.
Meanwhile, for lack of anything better to do I’ve been reading about computer forensics. That’s mostly trying to identify and preserve data on a computer as evidence, but the skills can be applied in all kinds of interesting ways. Some parts of what I do overlap into forensics, but I’m mostly identifying how the victim’s system was abused. I had to get really aggressive with this last client, chasing down running processes and deleting entire software directories. Normally I stop with running an appropriate malware scanner, but this time I had to make sure every trace was gone. Then I still had to fight with the router.
It turns out Windows 8 isn’t that much harder than Windows 7 for that sort of thing. The big problem is that the interface defaults to that stupid cellphone layout, but I’m figuring out how to avoid that crap. Otherwise, most of the chores are the same when cleaning up a system.
CentOS has released their clone of RHEL 7 this week. I’m waiting to see if someone packages XFCE or Mate for it. Otherwise, it won’t be on any of my systems.
But I’m praying I can expand my computer ministry to cover more folks. In the past, typical advertising did nothing, so whatever I do has to be different from that.
And here I was thinking I might start pulling out of the computer ministry soon.
I’m a low-level amateur technician. Not an expert, just a guy in the neighborhood who knows a little more than you do. Because of this, I tend to do quite a bit of computer fixing. Since I generally managed to do well enough and actually help people, I started working it as a computer tech support ministry.
After reading up on what the professional technicians do, I found there wasn’t a really big difference. I try to keep up with this stuff because I can’t see people spending hundreds of dollars when I can do the same thing. I’ve referred people to the professionals often enough when it was something I couldn’t fix, so I don’t pretend to be a real expert.
Today was pushing my limits. A friend called and had some pop-ups. We uninstalled some stuff I knew was advertising and tracking spyware. Then the fight got started. There were alerts from her anti-virus. While it had not identified the source of trouble, it was catching stuff that the “gatekeeper” was pulling in to keep all that infestation alive.
So I ran Malwarebytes and it found some 1200 harmful items. Upon reboot there was some freebie junk popping up from when the client had run the ISP’s connection wizard. That had not been visible before, so we uninstalled it and I noticed some more stuff that had been previously hidden. More removals, plus I installed CCleaner because it has some interesting tools. Wiped the browser cache and did a Registry clean, too (saved the Registry backup, of course). Found some more stuff to uninstall.
Upon another reboot, she couldn’t connect to the Net. Seems she had been hijacked into an internal proxy and that had been removed. Disabled the proxy setting, but then I found out her router had also been fiddled with, so I did a factory reset. But fixing it required that I connect her system directly to the Net through the cable modem, something generally risky without a good firewall. Found all the details on the router — nobody keeps the boxes and paperwork, of course. Performed the reset and changed all the passwords and settings and ran the cable modem reset again.
Finally, it’s all up and running as it should be.
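The “hijacked into an internal proxy” symptom above can be checked before rebooting. This is an added example, not part of the original post: a small PowerShell script that reads the per-user proxy values a browser hijacker typically changes (the Internet Settings registry key) and flags the ones worth a look. It assumes Windows PowerShell on the affected machine and no third-party modules.

```powershell
# Added example (not from the original post): inspect the per-user proxy
# settings that a browser hijacker typically changes, so a leftover
# interception proxy is found before it breaks connectivity after cleanup.
# Assumes Windows PowerShell on the affected machine; no extra modules.

function Get-UserProxyState {
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    [pscustomobject]@{
        ProxyEnable   = [int]($p.ProxyEnable)        # 1 = manual proxy in use
        ProxyServer   = [string]($p.ProxyServer)     # e.g. host:port
        AutoConfigURL = [string]($p.AutoConfigURL)   # PAC script URL, if any
    }
}

function Test-SuspiciousProxy {
    param([Parameter(Mandatory)] $State)
    $reasons = @()
    if ($State.ProxyEnable -eq 1 -and $State.ProxyServer) {
        # Home users rarely need a manual proxy; a loopback address is the
        # classic sign of a local interception proxy left behind by malware.
        if ($State.ProxyServer -match '^(127\.|localhost)') {
            $reasons += "manual proxy points at loopback: $($State.ProxyServer)"
        } else {
            $reasons += "manual proxy enabled: $($State.ProxyServer)"
        }
    }
    if ($State.AutoConfigURL) {
        # A PAC script can silently route every request through an attacker host.
        $reasons += "PAC script configured: $($State.AutoConfigURL)"
    }
    return $reasons
}

$state    = Get-UserProxyState
$findings = Test-SuspiciousProxy -State $state
if ($findings.Count -eq 0) {
    Write-Output 'No per-user proxy or PAC script configured.'
} else {
    $findings | ForEach-Object { Write-Output "CHECK: $_" }
    Write-Output 'Review these before disabling them.'
}
```

The per-user setting is what the browser reads; the machine-wide WinHTTP setting is separate and can be shown with `netsh winhttp show proxy`.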
This is just what happens from a rather pedestrian drive-by download of malware for someone who simply does business online from her home office. No porn, no games or media downloads, just ordinary business stuff.
The malware was a collection of crap I’ve been seeing lately: We-Care, Systweak, Conduit, 24-7 PC Help, and a few others I can’t recall right now. When you see one, the others are usually there. I saw that same collection on a laptop recently, so I recognized it. More and more people are being hit with ever more serious crap. The stuff she noticed bugging her was bad enough, but the worst part was the unexpected hijackings of everything. The icon for her browser had a malware link as the default page on opening, so I had to edit the icon itself.
It’s getting crazy.
Okay, so it’s all over the technology news sites, but maybe you don’t read them:
Even Boing Boing
In essence, someone got hold of the source code for one of the NSA’s snoop and scoop programs, and the source code itself clearly states that vanilla sites like Linux Journal are “extremist.” Is this some kind of satire? Well, the NSA shitheads are not normal people. You can’t take them seriously, except they do like to send the armed goons for some of the most frivolous reasons.
I tried using Windows 7 again for a couple of months, but it kept using more and more power to do things I didn’t want it to do, meanwhile failing to do things I did want. I finally got tired of the excess heat coming off my system and took it back to Debian Wheezy. That was a few weeks ago. It’s not as if I believe the NSA can’t plant their software on my system; they can, though not nearly so easily as with Windows. However, my concern was not keeping them out so much as the excess power use and having some control over what my system does.
So that makes me an extremist. You can’t make this stuff up.
Do you think we should tell the NSA that Tor is a standard package you can install from the official Debian software collection?
If you are considering migrating from Windows to Linux, how about OpenSUSE?
OpenSUSE is the free version of SUSE Linux. It is not all that well known in the US; it’s based in Germany. Among Linux users, it’s generally considered unorthodox because the company has contracts with Microsoft (AKA “The Borg”). Oddly, MS sold more SUSE licenses than almost any other vendor, despite being pretty darned expensive. It was also one of my first exposures to Linux back before the turn of the Millennium.
This is not your hobby Linux. Yet it is much more user friendly than Red Hat and the clones. It’s friendly in the sense that it will save you a lot of heartache if you don’t really need Linux, per se, but simply an escape from Windows for whatever reason. The default KDE desktop is lighter and faster than Win7 on the same hardware, but I suspect it wouldn’t make you all that happy on XP-grade hardware. Instead, it has one of the widest selections of hardware drivers, and these are generally much better integrated than in other brands of Linux. SUSE also tends to automate things rather like Windows does.
So it’s a very good path migrating from Windows if your motives don’t include adopting the semi-religious devotion to the sacred path of Open Source. However, it can be almost as much work as Windows has gotten to be, and it can be cranky in its own right. You won’t do this just for fun; you should possess at least a power user background in computers or get someone experienced to hold your hand. There are some parts of it that simply aren’t ready for the GUI, and require some command-line foo. On the other hand, it’s very work-oriented and the configuration tool (called “YaST”) is one of the easiest ways of configuring obscure stuff, including servers, for Linux.
Once you get used to the SUSE way of things, it’s pretty easy to maintain. As you might expect, the primary advantage making it worthwhile is all the security of Linux with far fewer long-term hassles.
Yours truly isn’t in the mood to write up a hand-holding guide right now. If you can install Win7 by yourself, you are smart enough to handle OpenSUSE. One of the main problems is a portion of the defaults aren’t what most Windows users would like. It makes dual-booting between Windows and SUSE easy, but if you want it to take the whole hard drive, you’ll have to poke around awhile during installation. I highly recommend you don’t accept the default of creating a separate HOME partition. While the separate partitions make it easy to migrate up to the next version, the installer makes it very hard to give the other (root) partition enough space to be useful.
Another difficulty is that the installer offered no way I could see to check for updates during the installation. You’ll be saddled with a huge collection of updates as soon as you get logged into your desktop. The GUI for this can be a little confusing, throwing conflicting warnings at you. It’s one of the few things very poorly executed. You also may not like the default desktop decorations, because it tends to limit the options. Once you get past the initial hurdles, things get much smoother.
For example, SUSE has one of the smartest firewalls available. Its default KDE desktop is very easy to configure and most system controls are very well integrated. I frankly recommend you avoid using non-standard repositories. The fonts aren’t as good as Linux can do, but good enough. The default licensed codecs are likely to cover most of your multimedia needs. You can get Adobe’s Flashplayer if you need it. Most of the standard stuff is good enough.
Some very large European organizations, like the municipal offices of Munich, have switched wholesale over to SUSE and things are good for them. It’s worth investigating, but only if you are serious and you don’t actively hate MS. It’s still one of my favorite brands of Linux on some hardware.
Update: Here is an installation walk-through.
Most of you will recognize the term malvertising. It’s a technique for infecting computers with malware by using the advertising feeds found on most websites. Similar to the way TV in the US is funded by advertising, this blog is also supported by advertising because I can’t afford to pay for it. That is, the agreement I make with WordPress is that they get to run advertising on my blog posts because I’m not paying them anything.
The problem is how those ads are delivered. You would routinely find an ad on a page had passed through three or more servers before it displays in your browser. The rights to post those ads are traded in many different ways. Too often, when someone pays the fees, nobody wants to ask any questions. By the time it gets to your computer, it could be the software equivalent to a nuclear device. The issue here is that advertisers never did have morals in the first place. They aren’t willing to rob people directly because it’s no fun and it’s risky. However, it makes them feel like a big stud if their skills and artistry bring in the customers. There is no trick they won’t use, and the laws are simply advisory in their minds.
There is nothing immoral about blocking advertising on the Internet. You aren’t stealing content; the advertisers are stealing your computer resources and flagrantly refusing to deal with the risk factors. Pitchmen are slimy as a whole, and the good guys are so rare we can’t find them. All of them claim they are the finest specimens of humanity, which is part of their lying sales pitch. A rare counter example is the Google text ads; simple information about the existence of a product is not a sin. How Google tries so damned hard to manipulate you by snooping on the content of your searches and your communications is a sin.
Few Internet users will go the lengths I do for computer security. I keep track of how this stuff works as part of my computer tech support ministry. I read about it every day. What follows are some suggestions based on what I’ve tried for myself.
Learn about browser extensions: Ghostery, Adblock, Click & Clean, and tools like Bleachbit or CCleaner. Learn where they are and bookmark them.
Select your browser carefully. Use more than one for different purposes. I use Seamonkey to protect my important logins. You’d need to explore the features and settings possible to understand why. It comes with a host of extensions the same as Firefox, but offers far more fine-grained user control.
I use one browser only for Facebook (Opera’s newest line of WebKit browsers) with the appropriate extensions. I chase links from FB using the “private browser window” (right-click on the link) option to prevent FB from planting tracking in that window, and to ensure that window dumps all cache when I close it.
I use the latest Opera Mail client for email on my desktop because it imported everything from my long-term email usage of the older Opera browser’s built-in email client over the years. It also has a collection of safety options, such as blocking graphics and fancy formatting by default. It also imports settings and mail across different operating systems with ease.
If you really like Google’s Chrome browser, learn how to add the adblocking extensions and learn about the advanced settings that allow you some measure of control. They are not turned on by default. Also learn how to use additional profiles to isolate one kind of surfing activity from another. You should at a minimum set up a separate profile for Facebook, which remains today the single biggest threat to privacy and personal security because almost everybody uses it. This makes it a juicy fat target rich with victims for whatever evil schemes any corporation or government agency can dream up. And the folks who run FB are all too eager to help them.
Learn to use Lynx browser. There are instructions on older posts here how to install a version for Windows and some of the settings you’ll need to make. For my own use, I prefer to pull it up in Cygwin, a set of tools that give you Linux/Unix on your Windows computer. While some sites will block the Lynx browser based on obsolete assumptions that it’s a hacking tool, it’s still the best way to get textual content with far less hassle and risk. Once you get used to how it renders pages, you can quickly find information you seek.
Install CryptoPrevent on your Windows computer; it will save you a great deal of heartache in the long run. It blocks malware trying to launch and install from your browser cache.
The single biggest change is inside your own head. If the Internet for you is all about entertainment and multimedia content, and more particularly gaming, you will always be at high risk. Porn-surfing is easily the highest risk behavior on the Net. I’m not telling you those pursuits are evil at this point, only that they are inextricably linked with exposure to malware. The predators who make that evil software are counting on your desire and zeal for such pursuits to hinder your risk awareness. Those pursuits are the essence of advertising, trying to sucker you into something you really want in exchange for a measure of slavery.
My blog is littered with more details on how to do some of this stuff. Use the search box built into the blog interface. The main point to remember is that, with advertisers being so rapaciously irresponsible about filtering out malvertising, you have every right to block their crap until they clean up their act. You shouldn’t expect that too soon.
It drove me crazy.
Yes, I am competent to make it work for most things, but some issues were just too much trouble. Keep in mind that when RHEL 6 (followed by the clones like CentOS) came out, it was capable of handling XP hardware and some early Vista stuff. Try installing it as a desktop on a Win7 machine and you will suffer. Things keep breaking because the drivers don’t match the hardware quite well enough.
The desktop machine was given to me needing repair from a law office that had closed. Turns out it was still under warranty but only to a company no longer in existence. It came with Win7 Pro but I never could get along with that once I fixed it. So I’ve run several different things, but I keep coming back to Debian Wheezy because it’s the most sane. For sure CentOS 6 was just not up to it.
So I’ve finished the tutorial and it will be my next book in a few days. It’s just fine for SOHO stuff on older XP machines, but I am not doing SOHO stuff, nor do I have any old machines like that. And CentOS is pretty corporate straight-laced and no fun.
Today is one of those rare bad knee days. The right knee was rebuilt at the VA back in the mid-1990s and they called it a Fulkerson Osteotomy. For a while they left the screws in place but eventually they went back in after them. This was for the knee trouble that ended my military career. The left knee can’t be improved by surgery, but it bothers me far less in the first place. You can’t see it when things flare up on the right, but I can sure feel it. It is generally uncomfortable and then at random intervals less than a minute apart, it twinges and hurts bad enough to make me cringe. The pain generally reflects simply doing too much of the wrong kind of activity, but it’s hard to pick out exactly what was the excess. It’s capricious.
But it’s not a matter of whining, because it offers the excuse to sit and do little or nothing for as long as it lasts. So long as I’m not hurting so bad I simply have to lie down and moan — I’ve done that a few times over the years — I can still do some writing.
I’m completely out of the mode for pastoral writing the past few days. No brilliant spiritual insights and no fiction stirring in my soul. I’m just working on an update of my old “RHEL for the Clueless” series, but making it fit the latest version of CentOS (a clone of RHEL). The whole selling point is that this is corporate grade Linux for the SOHO and it runs on XP machines just fine. It should be supported and working fine until around 2020. It’s not the answer from Heaven, just an option for folks who can’t afford a bunch of money for upgrades. This particular brand of Linux is very popular in the corporate world.
If you have questions to ask, this is a good time to do it.