Will Work for Real Security

I’ve stated in the past that I find little motivation to go back to work for any large corporate institution as a security analyst, and there is good reason for this. I care about real security. If a company is so mired with ancient IT standards, and still insists they need credentialed Microsoft (MS) administrators to protect their MS environment, I want no part of that. It is not real security, it is pure theater and histrionics, period. If you are a forward thinking organization, and truly want to secure your assets, you won’t be employing people to “secure” Microsoft operating systems, you will employ someone to entirely re-architect your infrastructure so as to avoid endless hours of chasing malware phantoms on your desktops and servers. The cost to the companies who would do this security and infrastructure re-architecting would be far less than preserving their current models of prophylactic protection. And the costs of maintaining the new infrastructure would be drastically reduced.

Of course, the big subscription-based anti-virus companies don’t want this as it will certainly kill their cash-cow. And, the OS in question doesn’t want this because they don’t want change. If a company is truly serious about security, and they all should be, I will work for you. I will ensure your IT infrastructure is secured, but you can expect big changes in the way real security is done.


The Cold War Revival

Recent security events fomented by the United States government – that appear to have been entirely fabricated – are without doubt strategically designed to reinstate the global tension once familiar during the so-called “Cold War” years. It has been rather obvious that the American people do not want their country involved in foreign wars that seem to have no purpose other than making large sums of money for certain favored corporations. As a consequence of our pulling out of these wars, defense contract spending disappears.


That this administration would accuse the North Korean government of “hacking” Sony because of the content of a Hollywood-produced movie is just silliness. North Korea obviously had nothing to do with this hacking, but because some official on the news, or some government agency in a press conference says it’s so, it must be true (now it is being stated that the NSA had backdoors into North Korea’s infrastructure, so they have proof that the DPR of Korea was behind the hack).

The Cold War space race is also being reinvigorated with declarations that NASA will be working toward the next generation Apollo missions – this time the target is Mars.

Alternately, making friends now with Cuba, after a stasis of 50 years of sanctions and ostracization does nothing for this country or Cuba. At this time all it does is piss off Russia. But, it’s a sensible tactic where the politicians of this country are sponsored by giant defense corporations. If they’re pulling out of active wars, but they’re in a desperate need to keep fueling the military industrial complex that signs their paychecks, they can cleverly revive the Cold War game plan. A potential war is far better than an active war, and will create the same familiar anxieties of the former Cold War years. This will rally the people of this country to accept a continuing and enormous spending spree on defense to keep the country “safe.” And, since there is no real war, we’re happy with this spending on defense.

A good plan in theory, but this time, it won’t end well. The current crop of new leaders of the world’s countries don’t have the experience of the First and Second World Wars – they know not from those horrors, and will be more than willing to engage in a new world war, one that ultimately possesses the ability to end the “world” as we know it.

Thin clients are back…and here to stay

The “thin client” is back, and very soon, it will dominate the average user experience. What is a “thin client?” In the 1970s computer users used simple terminals (a keyboard and a monitor) with no local operating system to access a mainframe that ran all the programs the user of the terminal needed. There were no programs on the user’s computer. Thin clients are computer terminals that rely on an external computer to perform work. In the 1980s, the PC was born, and this new emphasis required complete operating systems and software to be installed and maintained on each individual computer. This so-called “fat client” sacrificed the centralized administration, security, and programming of the mainframe/dumb terminal configuration. Malware has flourished under this model of computing, relying on the ignorance of the average computer user for the propagation of its malicious wares.

This is one of the main reasons thin clients are making a big comeback. They also offer considerable flexibility and cost savings over traditional fat client networks, and make it easier to monitor employee use of network resources on large corporate networks. “Desktop Support” is no longer needed – if the hardware fails on a thin client terminal, replacement of the user’s “dumb terminal” device is the only solution, and is far less expensive than the typical fat client reconfiguration of restoring its individual operating system and the user’s directory of personal and local files.

Today, this thin-client model has the new moniker of “cloud computing” but it’s really a throwback to the original thin-client/mainframe network paradigm. The individual programs you used to download and install on your local hard drive, are now installed in the cloud (on the server environment) and when invoked by the user, are run on the server, rather than on the user’s personal computer. Today’s much faster communication speeds make the cloud user’s experience nearly identical to their earlier familiarity with locally running programs.

The greatest concern for users in the thin-client/cloud environment is not security, or personal data retention (loss of data), it is privacy. If you are reliant on communication, and storage of data in the cloud, your privacy is in the hands of the provider of that cloud. The acceptance and popularity of social media platforms suggests that most of today’s users really have little concern for privacy, are more concerned about personal security, and they will without hesitation accept the coming thin-client model. It is already happening, and as a computer security person who is old enough to have experienced the original model, and worked through the failed local model, the full circle return to a centralized network, is enthusiastically embraced.

For more info, see: http://en.wikipedia.org/wiki/Thin_client

A Weary Look at the State of Computer Security

In the last several years, I have grown exceedingly tired of computer security – both personal and corporate. While that statement won’t help much in the procurement of a “job,” I don’t want one anyway. Sure, I still do computer security consulting, but on a level that far surpasses the superfluous actions of penetration testing, firewall configuration, and malware forensics. If you are a client that truly wants a secure environment, I can provide solutions. You may or may not listen to what I have to offer – as a consultant, I don’t care. Oh, and btw, “Jeans day” is every day, assholes.

I admit there is something alluring and almost irresistible in the challenge of dissecting the latest virus threat, but those threats are boring in the overall sense of the big network picture in that they are purely targeting corporate stupidity, and the uneducated wiles of those who continue to insist on using computer “products” that are inherently insecure, ab initio. The computer operating system architecture built up from a few lines of code, and then repeatedly added to by years and years of shitty coders trying to fix an unfixable operating system specter is an absurdity, and should have died long ago. A complete overhaul and resurrection is in order for those companies who maintain such death grips on their hideous creations.

Apple finally accepted that something needed to change (after Mac OS 9) and introduced the entirely new Unix-based operating system architecture for OS X. Microsoft still spits out its putrid OS updates originally based on their inaugural and almost wholly purloined ancient technology (much from Apple, of course), and is still the OS of choice for malware authors because of this. Oh the “Registry”.

From time to time, I get requests from companies to help them sort out their IT security, and it always involves a mixed up Microsoft environment. A giant mess I really want no part of. If these companies were even a little forward thinking, they’d realize that even a complete overhaul of their IT architecture would cost them less than the amount they spend on prophylactic add-ons like antivirus, personal firewalls, and various other “computer security suites”.

Securing computers and their networks is an attainable undertaking, provided the architecture is designed for security in the first place. It’s the difference between a skeleton key lock and disc tumbler lock – you either have many ways to open a number of locks, or one way to open one lock. It’s not that difficult of an equation, unless you’re a vendor that would rather have its locks picked in order to continuously add on updates to them to keep the illusion of security busy. Yes, security, where that model is concerned, is nothing but an illusion, and will never become a reality until those that currently buy into it wake up.

Cryptolocker, Cryptowall and how to avoid this ransomware nightmare…

“CryptoLocker” is ransomware malware which targets computers running Microsoft Windows and was first observed in September 2013. You may be compromised by a CryptoLocker attack from various sources; many are disguised as a legitimate email attachment. When activated, the malware encrypts files stored on your local and mounted network drives using public-key cryptography – with the private key stored only on the malware’s control servers. The malware then displays a message which offers to decrypt the data if a payment (through either Bitcoin or a pre-paid voucher) is made by a stated deadline, and threatens to delete the private key if the deadline passes. If the deadline is not met, the malware offers to decrypt data via an online service provided by the malware’s authors, for a significantly higher price in Bitcoin.


So, I have looked over many of the antivirus “solutions” for dealing with this nasty malware, and not one of them – not a single antivirus company – has come forth with a realistic way to deal with this problem. Some time ago, I warned that a destructive malware threat was on the way, and here it is.

While there are several ways to effectively deal with, and clean up this infection (and you will need to pay dearly for this if you involve a third party), future solutions are completely absent from these antivirus gurus. Why? The antivirus companies want your repeat business. They won’t tell you there’s a rather inexpensive solution because they want you to get infected again so they can charge you another enormous fee to fix the issue, ad infinitum.

So, what IS the solution to this problem? Simple. Dump anything and everything that is Microsoft Windows. With all the alternative operating systems out there that are not affected by this malware, and operating systems that now are as user friendly as MS Windows, there is absolutely no reason to continue to use Microsoft software products. Switching to a new OS (operating system) can be scary for some, but it doesn’t take the average user much time to get the hang of the new OS – they all function quite similarly with one exception – they are far more secure than MS Windows. ChromeOS tops the list, with Linux and Apple OS X not far behind. The Antivirus Consortium will not tell you this because they want you to keep getting infected so they can charge you top dollar to keep fixing your problem.

Bottom line: Buy a Chromebook for $180 and you won’t ever have to deal with this issue again. It’s that damn simple.