Friday, 1 March 2013
The Future of Linux Pt 7 [Guest Post]
Continuing a series of guest posts sparked by a discussion over at the Hampshire Linux User Group. Here is Leszek Kobiernicki's contribution to the discussion. I chose hardware specialization, reasoning that all kinds of software is developed, to run on hardware, which is primary, and relatively easily replaceable, e.g. if your OS of choice, won't wear a particular graphics card, or the fixed disc is too small. So a hardware specialist basically builds & rebuilds, until they find a good mix, and matches the software to that. It's the hobbyist's approach, originating in garages and sheds.
Linux is growing - but this is not helped -- rather, hindered, on the one hand, by egotistical showoff-exclusivity, and on the other hand, by the lack of community-minded publicists, prepared to give their precious, irreplaceable time & effort to helping Win-addicts kick their habit, for a far smoother, faster, more device-friendly Linux OS, which doesn't burn out the hardware.
The community of Linux users need to move beyond cleverness, and obsession with technicity, back to a humane concern and fellow-feeling for the as-yet ignorant.
We were all there once. But dependency is crippling. So we climbed out of that pit...
Last week a massive nationwide hacking campaign erupted. The only platform seriously affected, was the M$ Windows one. Linux installs seem, so far, relatively unaffected.
Whether this is because journalling filesystems are less well-known to the hacktivistes, is not yet clear. But the message is: the OS of the millions, is grossly insecure. Routers notwithstanding! Files vanished from drives. Enormous clusters of unmoveable files had appeared, and were detected. An IDS is now essential, if a Windows system is connected to the net. And that will slow everything to a crawl.
Everyone I know, is in process of being warned to ditch their Win installs, & repair immediately to Linux (free help is gradually being provided).
It is unclear whether the corporates have grasped this. Having been asked, government doesn't seem to know who is responsible. Investigations are currently under way. The findings may well be kept under wraps.
SysAdmins have difficult choices facing them. Do they continue supporting what are effectively, legacy ( inherently-insecure ) OSS, acquired in cheap deals, or do they advocate more secure systems, hardening them with encryptions, and all the other paraphernalia of statutory Paranoia Inc.?
About a decade ago, CRYPTOME posted details of several of the NSA hacker holes in the Win registry. None of this ever seemed to affect corporate policies of slavish adherence to M$ Windows. One is tempted to think that corporates WANT their homebases to be insecure, readily-hackable, besotted with needless problems.
None of which makes a SysAdmin's life any easier. Unless they can persuade dummy management to adopt a move to a disposable outer-envelope system, running a VM, which protects an inner OS, used to internet away, for downloads, onto a flash drive. VIRTUALIZATION is a magic solution for servers - why not on clients too? For e-mail, there are CD/DVD-based OSS e.g. TAILS, TOR, & TIN HAT, using anonymized services, e.g. RiseUp. But THAT would mean doing the job properly. And do you also encrypt outgoing/incoming with a VPN, on the intranet, between your server & client ? Everything gets progressively more complex, in the quest for security.
If corporates were serious about security, they would be allowing their SysAdmins to adopt procedures such as the above. The poor old SysAdmin is the only one canny enough to have researched such strategies, and naive enough to advocate them, to the ignorami constituting management. But those are in the hands of the money crowd, who stifle all innovation, unless it is of a share price and market share kind.
People only respond to disaster. And it is being visited on them. Hackers leave calling-cards, which destroy the integrity of systems, behind. Sauve qui peut .. It is the canny SysAdmin, who as ever, lives the example, for the mass of users who want not to have unnecessary problems, and put themselves to begin to take appropriate steps. The next step beyond that, is to help one's circle of friends, out of their pits. And so on, ad infinitum
There simply aren't enough people helping one another in the Linux community. This fragments it, into a constellated scattering of null points .. all redirecting their endeavours to an imaginary ideal state, which hasn't arrived - and may never manage to do so. Meanwhile, the needs of persons are overlooked
Pour le reste, there is always trouble, expense, and the inevitable infection with Trojan Horses, etc., etc.
Happy computing ( ironic ! ),Les