ER

You are under full surveillance

Dear Brits,

As of next week all your internet activity is under full government surveillance. You can read about the “snooper charter” here at AP.

Just to be clear, that is not just your browsing history. That includes email, chats, VoIP telephone, Netflix/TV, everything coming and going through that cable and/or satellite connection. And do not forget your smartphone.

Let this sink in for a moment.

Your government spies on you more than former communist Eastern Germany spied on its citizens with its Stasi.

Who will have access to your data?

From here comes a list (quote, emphasis mine):

Metropolitan police force
City of London police force
Police forces maintained under section 2 of the Police Act 1996
Police Service of Scotland
Police Service of Northern Ireland
British Transport Police
Ministry of Defence Police
Royal Navy Police
Royal Military Police
Royal Air Force Police
Security Service
Secret Intelligence Service
GCHQ
Ministry of Defence
Department of Health
Home Office
Ministry of Justice
National Crime Agency
HM Revenue & Customs
Department for Transport
Department for Work and Pensions
NHS trusts and foundation trusts in England that provide ambulance services
Common Services Agency for the Scottish Health Service
Competition and Markets Authority
Criminal Cases Review Commission
Department for Communities in Northern Ireland
Department for the Economy in Northern Ireland
Department of Justice in Northern Ireland
Financial Conduct Authority
Fire and rescue authorities under the Fire and Rescue Services Act 2004
Food Standards Agency
Food Standards Scotland
Gambling Commission
Gangmasters and Labour Abuse Authority
Health and Safety Executive
Independent Police Complaints Commissioner
Information Commissioner
NHS Business Services Authority
Northern Ireland Ambulance Service Health and Social Care Trust
Northern Ireland Fire and Rescue Service Board
Northern Ireland Health and Social Care Regional Business Services Organisation
Office of Communications
Office of the Police Ombudsman for Northern Ireland
Police Investigations and Review Commissioner
Scottish Ambulance Service Board
Scottish Criminal Cases Review Commission
Serious Fraud Office
Welsh Ambulance Services National Health Service Trust

Also do not forget the Five Eyes agreement. Thanks to that, the secret agencies and governments of the USA, Canada, Australia and New Zealand will have all your data too.

Naturally, those few will keep your data completely safe. No hacker can get to it. And none of the few government employees will abuse the access to that data. We all know, they are angels. No snooping on the ex, or neighbor, or relative. Never.

Nobody will ever manipulate that data. Nobody will add a bit of child pornography to your browser history. Nobody ever will add a bit of drug buying, or a subscription to an illegal gambling site. No, your government does not engage in such activities.

Boy, you are so much safer now, aren’t you?

Brave new world,

Engine Room

PS: Why didn’t you read more about that? Because your government buried that under Brexit and the US election. That’s how much your politicians and media watch out for you.

ER

Happy 25th Birthday Linux

Dear Reader,

This post is a bit late, if you consider Linus Torvalds’s announcement on the Usenet group comp.os.minix on August 25th, 1991, the birth date of Linux. Or a bit early, if you consider his first release of Kernel version 0.01 on September 17th, 1991, the actual birthday.

So we are somewhat in the middle toasting to Linux.

It is a peculiar feeling.  On the one hand, Linux is quite new. What is 25 years? Yet, it feels like I have been using it forever. And I could not imagine working without it.

And you should celebrate too. Whether you are using a smartphone or tablet with Android (market share ~ 80%), or because you are reading this post. Both are powered by Linux. One could claim, 90% of the internet is powered by Linux. Certainly our server is, like ~ 90 % of all web servers.

And Linux is running on many other devices you are using. In all likelihood your router at home and at the office is running on Linux, as well as your satellite navigation system and your TV. Of the 500 fastest supercomputers 497 are running on Linux.

The next outstanding point: Linus is still running the show, along with by now thousands or tens of thousands of volunteers. Because although the first 10,000 lines of code in version 0.01 were written by Linus, within less than two years hundreds of the best hackers in the world had added much more to it.

Linux was the first free open source software project of that magnitude. And it is the largest.

So, happy birthday Linux!

And thank you so much to Linus and the countless people making it happen every day.

Stay tuned,

Engine Room

PS: Isn’t it about time, you kiss good-bye to bloody Windows on your laptop or desktop, and give Linux a go?

ER

New Hardware

Dear Reader,

One of the reasons for my prolonged silence on Diablog was broken hardware. No, not the server, everything is fine there. The server received plenty of updates and improvements under the hood, all installed behind the curtain, you did not notice. Except for even shorter loading times maybe.

After a mere five years my high class, high quality, expensive Thinkpad notebook by Lenovo failed. The lid/display broke at one of the hinges. The display is the most expensive part of a notebook. Replacing it usually costs almost as much as an entire new machine. Thus, I decided to replace the Thinkpad.

Granted, the machine had been used a lot, it traveled a lot, and I admit to not handling it in the most gentle way all the time. Nevertheless, I had expected twice the life time. Tough luck, all of a sudden I was in need of a new laptop.

Over the past couple of years I had decided already, that my next machine would not be a Lenovo again. Lenovo installs spyware and malware. No thanks. HP computers are suspected of the same, HP was out of the question too. Dell offers Linux laptops, but they are not the most reliable in terms of hardware any more. Plus, they glue in hardware, like the battery. That limits the life time of the laptop to the battery life, in other words three to four years. What a stupid waste.

So I had chosen an independent supplier of high quality laptops without any operating system – aka Microsoft crap – and without any of that UEFI shit, where Microsoft thinks, it can dictate what other operating system you can install. Thanks, but no thanks. I want a clean machine and bought one.

The new laptop arrived and I installed my preferred Linux distribution, LMDE. The next step would have been to transfer my home folder from old to new and be done within an hour.

Since the laptop came from a Linux specialist, my expectation was for everything to work out of the box. Yet, it did not. I had ignored the basic Linux lesson: check whether your hardware is supported. My bad.

My graphics card was not supported, the laptop ran in software rendering mode. That means, all processors were running at up to 90% capacity. And that in turn reduced the run on battery from the promised 8-10 hours to a mere two hours. Not possible.

After unsuccessfully trying to fix that by myself, a conversation with the friendly supplier got the answer: the hardware was too new. And LMDE, using a slightly older kernel, lacked the required drivers. The newer kernel would not come into LMDE for another one or two years.

Luckily, by now other distributions are using my preferred desktop environment, Cinnamon. So I switched distribution. But now the software programs or applications were of a different version, mostly older ones. LMDE uses an older kernel, but the applications are cutting edge. LinuxMint is the other way around, newer kernel, but slightly older application versions. Bugger.

Copying the home folder was not an option anymore. Instead, I had to transfer the data by individual application. And I had to redo all my settings, making everything look and behave the way I want it. After a few updates and changes, I am now where I want to be. Everything works brilliantly. Everything looks and behaves the way I want it to. No spyware on the machine, no malware, just clean, neat free open source software.

Consider me a very happy camper. And now I should have time for Diablog again.

By the way, has anyone seen or heard of Glynsky?

Stay tuned,

Engine Room

 

ER

New search kid on the block

Dear Reader,

Within 20 years the internet has become an integral part of our life. And the world wide web part of it continues to grow. For the web we are using browsers and most browser sessions start with a search. Web search is dominated by Google so much, that its users are living in a filter bubble. Users see only, what Google wants them to see.

Now there is a new search engine. Or rather a metasearch engine, aggregating the results of other search engines while not storing information about its users. It is called Searx.

Searx is a free internet metasearch engine which aggregates results from more than 70 search services.

Users are neither tracked nor profiled.

Additionally, searx can be used over Tor for online anonymity.

And if you are really paranoid, you can run searx on your own server. Because the source code of searx is free open source software. You can get the code and install it.

For the less tech savvy user, you can use one of the many existing, public installations like:

https://searx.laquadrature.net/

https://searx.me/

You can customize your search in many ways, for example by language, by search engines used and aggregated, by file type, and more.

I recommend you give searx a few test runs. Play with the preferences and see, what it shows you. See whether you are missing out with Google, and if so, what you have been missing.

Because you want to see what is out there. Not just what Google thinks you should see.

Happy surfing,

Engine Room

ER

Cracking party

Dear Reader,

Among the many parties happening around the world, there is a big one on cracking. Cracking passwords that is.

Do you have an account with LinkedIn.com? The “business social network”?

If you do, I highly recommend you delete it. And if you used the password from there at any other website or internet service, please change that immediately.

LinkedIn got cracked in 2012. And they kept pretty silent about it. At the time they admitted only, some 6.5 million passwords had been taken. This week we learned here, it was more like 117 million passwords. Or precisely:

164,590,819 unique email addresses
177,500,189 unsalted SHA1 password hashes

And as of now > 90 % of the passwords have been cracked already. Just 14 million to go.

Why does that matter? It means, those passwords are not safe anymore. And never will be again. The algorithms used for password cracking have been trained. And whoever uses one of those passwords anywhere, is wide open.

Granted, the most popular passwords at LinkedIn were the usual bad ones: 123456, linkedin, password, 123456789, 12345678, 111111 and qwerty. And those are easily cracked. But eventually well over 95% of those passwords will be cracked. It is just a matter of time and computing power.
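What "unsalted SHA1" means for stored passwords, as an added example (not code from the original post or from LinkedIn): identical passwords collapse to one identical digest under the breached scheme, while a per-user salt with a slow key-derivation function gives every account its own value. The account list, function names and the iteration count are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
from collections import Counter

# Constructed sample accounts (not real data); the passwords are ones the post lists.
ACCOUNTS = [
    ("alice@example.com", "123456"),
    ("bob@example.com", "123456"),
    ("carol@example.com", "linkedin"),
    ("dave@example.com", "123456"),
]

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune to your own hardware


def unsalted_sha1(password):
    """Weak scheme from the breach: one fast hash, no salt."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def salted_pbkdf2(password, salt=None):
    """Hardened scheme: random per-user salt plus a deliberately slow KDF."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = salted_pbkdf2(password, salt)
    return hmac.compare_digest(digest, expected)


def largest_shared_group(digests):
    """Size of the biggest set of records storing the very same digest."""
    return max(Counter(digests).values())


if __name__ == "__main__":
    weak = [unsalted_sha1(p) for _, p in ACCOUNTS]
    strong = [salted_pbkdf2(p)[1] for _, p in ACCOUNTS]
    # Unsalted: one recovered digest exposes every account that shares it.
    print("unsalted, accounts sharing one digest:", largest_shared_group(weak))
    # Salted: no two records match, even for identical passwords.
    print("salted,   accounts sharing one digest:", largest_shared_group(strong))
```
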

LinkedIn is one of the more popular websites. According to Wikipedia:

LinkedIn is a business-oriented social networking service. Founded in December 14, 2002 and launched on May 5, 2003, it is mainly used for professional networking. As of 2015, most of the site’s revenue came from selling access to information about its users to recruiters and sales professionals.
As of October 2015, LinkedIn reported more than 400 million acquired users in more than 200 countries and territories.
LinkedIn filed for an initial public offering in January 2011 and traded its first shares on May 19, 2011, under the NYSE symbol “LNKD”.

So, here is a publicly traded company, not some small garage firm, that did not care about its users and their safety. All they care about is selling the user data. And in the process they made the internet less safe for everybody.

The somewhat famous founder and current chairman Reid Hoffman, usually quite outspoken, has been very silent about the matter. Nothing on his website, nothing on his Twitter account. For that he deserves our Idiot of the Day medal.

And that is why you should delete your account there. Unless we, the users, make those companies and the people feel pain, unless they lose money or go bust, security will not improve.

Stay safe,

Engine Room

ER

Al-Qaeda, Al-Aqsa, Al-Gebra

Dear Reader,

We have a new terror organization. Time to fear for your life, this time for real.

After Al-Qaeda and Al-Aqsa, we now give you Al-Gebra.

This group is so dangerous, it has been hiding in plain sight for hundreds of years.

And they are strong. Strong as in they have hundreds of millions of followers.

They have infiltrated diablog already. Yes, I am willing to come out as a follower. Shocking, I know.

Why now? One of us got caught. This guy:

You can read about it here:

http://www.trendingmail.com/2016/05/american-airlines-flight-delayed-due-to.html

If there ever was a plea for more education, there you have it.

Our Idiot of the Day medal goes to that airline passenger, obviously obsessed with “If you see something, say something”. I hope she does not reproduce.

And I still request a zero-security-check-airline. I’d sign up right away. I fly at my own risk. With all those dangerous things like water bottles, pocket knives, tweezers, shoes, tooth picks, etc.

Stay sane,

Engine Room

ER

Amazing times

Dear Reader,

Do you feel like you are living in exciting times?

If you are a bit older, if you can remember the days prior to fax machines, you must agree. In this interesting article here, a professor of Artificial Intelligence, AI, puts it nicely:

If you went back and you said to an early thinker about AI, 50 or 60 years ago, “You’re going to have with you at all times a device, and essentially it can answer any question that you’d like to answer across a huge range of topics; it can understand your voice and provide a view on any place in the world, tell you how to get from point A to point B”—if you explained in the abstract what your smartphone is capable of doing via Google and various kinds of mapping tools and Siri—I think that person would say, “That’s AI.”

The smart guy also mentions the risks involved:

One thing I do worry about is that I think we’re on the cusp of having the ability (with machine learning and AI) to synthesize media to create something that’s very difficult to distinguish from the real thing. These are very dangerous tools to have in a society that depends increasingly on things like video to represent truth.

And for exactly that reason I dislike (near-) monopolies as much as too much data in the hands of government (agencies).

Stay curious,

Engine Room