Way To Go - Finally

Ask questions and give answers about computers, mobile devices, game boxes, PC security and all manner of geeky stuff.
User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 09 Sep 2019, 12:51

I think Security is still the biggest issue they will have to overcome for more folks to jump on the Cloud services bandwagon.
Most folks only use their computers and cell phones as toys, things to play with, do simple things like text messages, surfing the web, where Security is not all that big of an issue.

But I doubt if you will see very many companies relegating their finances, client lists, and private data to the cloud anytime soon. As long as Password lists can be hacked into and downloaded by the criminals, the cloud will never be safe.

I worry about all the doctors jumping on board putting all patient data out over the Internet. Although they are doing so to one mainframe company of the service they belong to, it is still going out over the Internet to get there.
No matter how far along they come with encryption this week, there will always be somebody who cracks it next week. It is a vicious circle, and when the circle breaks, private data is lost to the public every single time.

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 09 Sep 2019, 20:21

Security is a big issue these days, but the situation is not as dismal as you might suspect. It's not like nothing was learned from past hacks. There are strong and secure systems out there, but they are not cheap. And, that is the problem. Most companies who have had major data breaches did not have updated security measures in place. Read about some of the Facebook break-ins. Some passwords and other account information was stored in PLAIN TEXT on servers with no or weak passwords. The people running cloud services typically aren't that dumb, and it is very costly for a hacker to take down a modern secure encrypted system. It's not that it can't be done, it's cost prohibitive in most cases. That's why governments and military organizations are the people we need to defend against. Those groups have the resources.

User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 10 Sep 2019, 09:49

You heard about the hack that affects nearly every commercial airliner currently in service.
It was discovered they can take over complete control of the airliners.
They knew about this possibility, but it was way to expensive to correct the problem.

One of the ways folks on Farcebook are getting hacked is actually outside of Farcebook's control.
Anyone can log into your account if they have your password.
And that is where the system, no matter how much encryption is used, breaks down.
All a hacker has to do is place a key-logger on your computer, often downloaded when you open an image.
Then it self-extracts into your computer, and gives the hacker access to the file it created that logged your keystrokes.
It doesn't look at the saved passwords on your computer, because those are encrypted in today's computers.
Even if you use something like a Google Toolbar to get to sites quickly, that data is encrypted as well.

One of the reasons I prefer GNU/Linux is because it keeps a file of where anything downloaded is stored.
When you install a new program, the location of where every element of that program is stored is added to this file in your /home directory.
There may be something similar for Windows computers, but I don't know anyone who has such a program installed. If they did they could just check it to see where a program hides all of its secret files, like usage timers and the like.

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 10 Sep 2019, 15:33

You have heard of two-factor authentication, right? I can give you my password to Facebook, but if I have TFA enabled you will have a useless password. A second verification (and sometimes third) is in my personal possession and both are needed to complete the login. Most people don't bother to use TFA.

Encrypted passwords stored on your computer can easily be broken. You need more than what you can download from a Linux repository or what is built into Windows in order to secure locally stored passwords. If you're one of those who use your browser to keep your passwords safe, I'll pray for you next time I'm in church.

Linux, and WIndows, and all the rest I would suppose, have system logging files. Everything that is done in the background and up front gets logged into a file somewhere. It might be binary, but it is readable with the right tools. So, if you look at the installation logs, yes, you can tell where every piece of a given program was installed. It's just SOP and has been done since the beginning of time.

The cost of protecting an enterprise network exceeds the budget of just about every company who has such a network. That's why it isn't done. Then, too, there are idiots who don't know any better. How they get put into positions involving security is beyond me.

User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 11 Sep 2019, 10:09

Just another gimmick to sell more Schmartz-Fonz.
I used Google Authenticator for about six months and got so fed up with it I had it turned off.

Here's the problem:
I have several computers here, and only a Flip-Fone.
Now, as long as I'm on the same computer, I can log-in with no problems.
But the minute I use a different computer, BANG, I have to wait for my Flip-Fone to get a message with an access code and type that in.
GREAT, now I can get in on this computer.
Go back to my other computer, BANG, I have to wait again for a code.
OK, finally, got both computers up with what I need on each one.
Oops I need to look something up, move to a third computer, BANG, same problem, I need a friggin' code.

To get around this I would just open everything up on the same computer, which makes my work much harder.

The other Alternative is to PAY a monthly fee to have a third party company maintain my log-ins.
To do that, I have to go to their site, log-in, then go the websites I wanted to visit using Links I placed on their website.
So, THEY have all of my passwords, both sets, and I'm supposed to trust they won't get hacked.

Nope, I'll take my chances!

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 11 Sep 2019, 12:16

I never used the Google authenticator and can't comment on how it works. In general, once you log into a computer you do not have to re-authenticate until you log out. Perhaps you're missing something that needs to be synced. Most of the two-factor logins I've seen are part of a given website. My bank, for example, requires two factor and sometimes three before they let me into my online checking account. Same with the credit card. I choose to have the security codes e-mailed to me so that I can copy and paste them. Getting the code via text message is probably better for security purposes. I agree with you in that I doubt I'd ever pay somebody to manage the security on my computer. And, you don't have to worry about that third party service being hacked. The security codes they send are typically only good for a couple minutes. There is nothing to hack.

I know the frustration you must be experiencing with the two factor security codes. I have been locked out of my bank account a few times because they can't figure out who I am. It wasn't until I got on the phone with their tech support people and threatened to move my assets to another bank with a usable security system that they decided to allow virtual machine logins. Bastards they are. But then, I can't blame them too much. I'd feel really bad if just anybody can get at my checking account. :grin:

User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 12 Sep 2019, 10:33

Aha, I think what I did was something different, since you said each website had its own.

Yes, my bank has a double log-in, as does my pharmacy, doctors report center, and my financial accounting office.
But they do not have to send me a new codes each time I try to log-in.
The bank sends a new one each month on my bank statement. But they take into consideration I may not have received my newest statement yet, so both the old and new will work for ten days, then only the new one. I still have my password to get as far as entering the second code they provide.
The pharmacy works a little differently. If they send me a notice of a pharmacy order update, and I click on the link to place the order, it does so by opening my web browser and showing the order was received, then I also get a follow up e-mail, and this is an important e-mail, because if I want to log into my account, after the fact, I need a code they send in that specific e-mail. There is a way around it if I don't have it, but it requires entering three more things.
The others I have my password, and a secondary code word that rarely changes, sometimes with a number tossed in.

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 12 Sep 2019, 12:09

One of the things I laugh about all the time is my Facebook login. It's a password that is widely known and very short and sweet. I dunno how long I've been on Facebook, at least ten years, but they never once told me to change it. They have tried to force me to use paswordless login, which I flatly refuse to do after over a BILLION of their user accounts were hacked and those login tokens stolen. Oddly enough, no high school kid with nothing to do has never tried to log into my account either. So much for secure passwords. LOL

It just means that I'm not a high profile account on Facebook and nobody thinks it's worth the effort to hack my account. Truth be told my bank account is pretty much the same. Not much in there to steal. :mrgreen:

User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 13 Sep 2019, 11:00

I know a few folks who SAID their account was Hacked, when it really wasn't.
What is happening is someone will take your name and your photo and create a new account so it looks like you, then they send everyone on your friends list an invitation to join them.
And/or they start posting nasty things under your name.

I do know one who's account was really hacked and they went to the game they were playing and sent the cash to themselves, and mangled their game big time.
But I only know of one person who this ever happened to.

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 13 Sep 2019, 12:36

People share their passwords freely with friends and relatives. What could go wrong there? LOL I've not heard of a lot of problems with individual Facebook accounts. Their servers and databanks have been hacked big time, more than once. My profile claims I worked for the CIA and went to a school in Russia. I would think that kind of set up would attract a lot of Ne'er-do-wells, but as I say my account is pretty low profile. I think the pros know I'm spoofing, but there are a lot of Right Wing Nuts out there who might want to out me. None have taken the bait so far. I'm very glad not to have problems with my account, but it does make me feel insignificant. :mrgreen:

User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 14 Sep 2019, 10:39

I ran across what I thought was the FBI website once, through a link on Farcebook.
Although they made the website look as official as possible, FBI stood for something else.
Which they did make very clear in their advertisements on the page.
Seems like it had something to do with Fishing Equipment, Boats, and I don't remember what the I was for.
Wait, yes I do, it was for Instruments. I ended up back there again when looking for radar devices for some reason.
Only by then they had changed their layout. I assume they got into trouble for making it look like the FBI, hi hi.

I think most of the folks who do get hacked on Farcebook get nailed for all the links they click on.

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 14 Sep 2019, 13:59

I think you are correct. Facbook is a fertile hunting grounds if you are phishing for goodies. There are enough dumb people in the world to make it profitable. I know I'm asking for trouble by saying this, but I've not had an antivirus program installed (unless I was evaluating it) since I retired more than 15 years ago. I recall back in the early days of Windows 7 when I had to expunge a few bad guys from the system manually, but never had a problem with infections all this time. I take a lot of care to avoid dangerous situations, but things are not getting any more simple. My greatest fear today is ransomeware which uses the most sophisticated methods to attack a system. I have off line storage as a backup, but I'm guessing I'm living on borrowed time until I get hacked.

Windows 10, out of necessity, is forcing their antivirus software on each of it's users. If it ever does anything besides load new signatures, I've not been notified of it. I can't even find a log for their scans. It's probably there in some hidden directory. I do look for malware proactively and have a favorite scanner for that. Rarely does it come up with anything significant. So, I'm fairly confident that using good browsing techniques and keeping the software updated is the best defense against bad actors.

User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 15 Sep 2019, 11:14

Yeppers, you are right. I never used virus protection programs either, because they always caused more problems than they solved, plus slowed down the computers.
And from what I understand, they can only stop a virus if they know the file name of the particular virus and add it to their scan list. If someone changes the file name, they won't find it, until it is reported enough times for them to add it to their list.

Although LInux is not totally immune to getting a virus or malware or even ransomware. A LAN is only as good as its weakest link, which in my case, was a Windows computer on the LAN which could find NTFS formatted external HDs connected to Linux computers because they were on the same LAN as the Windows computer. NOT ANY MORE, hi hi.
Because of the three levels of security in Linux computers, most virus and malware attacks only hit a users home folder. It is rare for one to be able to get into the administrative areas of the computer, and nearly impossible to get as deep as root.
Although, as you've mentioned before, some programs that already have access to root, such as FlashPlayer, can allow someone to do damage in the root areas of a system due to poor programming techniques of the program itself.

The frau had one virus program on her computer that kept flagging the same things that she was doing purposely.
After putting up with this nuisance program, Avast was its name I think, I changed to something else. I don't remember, maybe avast is what I changed too. Anything to get rid of the one that came with the computer. She does want the virus protection turned on, although like you, it has never caught anything. The program I did put in I could set to remove certain files every day so they didn't build up on her. She uses her history file to get back to sites, so didn't want the whole thing deleted. And this new program lets you set it to delete history over a day, a week, or a month, maybe even over a year, hi hi. I have it set right now to delete old history over a month old.
Plus of course we both run programs to delete tracking cookies and/or not allow them to install in the first place.

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 15 Sep 2019, 13:58

The last time I looked, maybe a year ago, Avast was the #1 rated antivirus program. Believe it or not Windows Defender came in as #2. Both of those have been exchanging ranking positions for quite a while. Since I cannot delete the Microsoft antivirus protection from Windows 10, it's pointless to have a second program installed. In fact two AV programs on the same computer often creates conflicts. I do run malware scans on all my computers from time to time, and that is done manually.

The old way of finding viruses is what made them useless. Each variant has a signature (checksum?) that can be searched for, but unless the signature is in the AV database you are vulnerable to zero day viruses. After the first few detections are publicized, the databases are updated. That's why some vendors claim to update several times a day to give the impression they are current. It's not a bad method unless you are among the first to be infected. Then you become a statistic. Now and days virus makers are smarter and the detection has to be as well. They don't rely on signatures as much as they do artificial intelligence. This is a better approach in that it can capture variants of viruses that have not been invented yet.

They have been claiming Linux (Unix) is safer than anything Microsoft offers for many years now. As an administrator I subscribed to bulletins and newsletters that listed newly discovered vulnerabilities. Suggested patches for known vulnerabilities were overwhelming in numbers. A vulnerability is not the same as a virus infection, but it is a path that is open to a bad actor who knows about it. I can assure you that Linux is no more secure than is Windows based on only what I've seen. If you doubt my assertion, just think back on all the breaches you have read about, which is a small fraction of all the breaches that occurred, and you will note each one is an a Unix/Linux server. (Linux rules the server world, right?) True, a breach is not a virus, but it is a vulnerability that has been exploited. A lot of corporate and government computers have gone down lately to ransomeware, and those systems supposedly are curated by high priced college graduates specifically honed for the task. My only reaction is to smile when I read about security claims.

By the way, most successful attacks on Linux servers occur at the root level. A user account may be used to get that access, but the target is nearly always the superuser.

User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 16 Sep 2019, 10:33

I don't disagree with you. Since the world runs on Linux, Linux servers worldwide are the primary focus of attack. It is what most hackers try to get into. But they are usually after something specific, something to steal.

Then there are those who just like to mess everybody up, as many as they can, and often find a way to profit from it.
Since most folks use Windows computers for home and work, this is where they focus their devious deeds.

But as far as desktops go, Linux is far more secure than Windows. Servers not so much, since nearly everything done on a server is at root level, it is exposed, compared to desktops where the root is protected.

Most supercomputers only run one program at a time, and each program is lined up back to back waiting for its turn.
While a server or desktop may be running hundreds of programs at the same time, and each program could have an open door for hackers to get in.

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 16 Sep 2019, 18:28

All I know is that computer security experts have an entry level pay in the six digit range. That's not because of inflation either. LOL

I just read an interesting article about HP printers maxing out market share. In fact the projection is to lose sales by something like 8% in 2020. The article was a financial rag sheet telling about a pundit who downgraded HP from a buy to a hold position. HP stock tumbled after that. HP also is big in the PC world which this pundit claimed peaked out about two years ago. There are small losses projected worldwide but he figures it's coming to deep dive point in the near future when technology leaps into the next generation. So, I am thinking, why bother with security if there soon will be nothing to secure?

Oh, wait. Those Linux servers will still be around. :grin:

User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 17 Sep 2019, 12:33

I think HP's biggest market is in medical and hospital equipment and programs.
Every examination room I've been in, in hospitals, there are at least 6 to 8 HP hi-tech computerized products in there.
Plus all the peripheral items that go with them, most of which are now used once and discarded.
The ironic thing is, nearly all of these products use the Linux kernel.
In an ER and associated surgery rooms, there are often more than a dozen HP products in each one.
When you consider the number of hospitals across the nation (and elsewhere), with so many items in each department, that alone could outnumber the home desktop market.

By the way, from what started this topic, did you ever get a USB stick to work the way you want it to?

I do think technology will move ahead for home computing faster than we can blink an eye.
Many have already moved up to touch screens, and now with improved voice recognition, it won't be long before we do not need a keyboard or a mouse.
From what I understand, they are already working on voice controlled CAD/CAM programs.
I can see it now. Hal, draw a zero width polyline from x11dot323 to y89dot767 and hold at that point for next coordinate.

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 17 Sep 2019, 13:46

It's going to be Hal telling YOU were you can go to pick up the hard copy of the new gizmo it designed using it's artificial intelligence and machine learning skills. Also, Hal won't need individual programs such as AutoCad. It will just ponder a problem and produce the best fit solution before anybody can even figure out what Hal is pondering. You will become the tool of the computer of the future, not the other way around. I know you think you are a short timer, but the future of AI is descending down upon us at breakneck speed. Once AI takes hold you will see old age as a treatable disease. In fact most diseases will be eliminated, if we don't eliminate people that have them first.


I made an attempt at creating a hybrid USB version of Linux MInt. That is to say, I started to create a memory stick that will boot in either MBR or UEFI. Believe it or not, that actually is the simplest of the four methods referred to in that last article. Simple in theory, that is.

The first step is to format the USB stick using Gparted. There are some very specific requirements, but nothing unusual. Partitions need to be provided for both an MBR sector and an EFI software repository. That creation of the MBR sector is the missing link I've not seen in any of the literature I've read so far. Anyway, I formatted the target memory stick and then downloaded the current version of Linux Mint. Then it was a simple matter of using Rufus to make a bootable ISO. The first step is to boot from the ISO and then do the partitioning of the target stick vial Gparted. At that point everything is ready for Mint to be installed on the target. It started to install and asked the routine questions, but hung up on the timezone. I told it Chicago, and it said, "mhmm" but didn't do a thing after that. Waited a half hour and it still was looping through whatever it was looping through. I had to kill it and start over. Of course, now the partitions were partially boogered up by the faulty install. The live ISO would not allow repartitioning at this point. Something major happened to the target USB. So I shut it all down with the intention of partitioning the target again, but got sidetracked. I had to run an errand and encountered another vehicle unexpectedly. I believe I described that incident elsewhere.

So, I'll try again, maybe today. But, for whatever the reasons might be, Linux Mint 19.2 is a total disaster. A fresh copy downoaded from their website crashes. I've had problems with it on the laptop too which is when it decided to corrupt the Windows bootloader. I won't even get into what it does with nVidia, but at least I know how to fix that problem. If I were a sane person, I'd be distancing myself from Linux altogether and particularly avoiding Linux Mint. But I'm not sane, and what is more this is all working in the MBR ASUS mobo tower. Been working for months, if not years. Getting it to work on the laptop and/or USB memory, however, is something Linux hasn't figured out yet. But I'm not going to quit trying until I accomplish the goal. I may quit at that point because it truly is starting to look like Linux is not worth the effort required to make it work.

User avatar
Kellemora
Posts: 3208
Joined: 16 Feb 2015, 11:54

Re: Way To Go - Finally

Post by Kellemora » 18 Sep 2019, 10:43

I do know one of the kids at the Library had Linux Mint 17, and I think another had Linux Mint 18, but none had higher than that, and most had Ubuntu, but I don't know what version.
Maybe the newest ones are not stable enough yet?

I think the purpose of making a bootable LIVE USB stick first is to get that MBR section on the USB stick.
Then after they repartition the disk they add the EFI partition and install the OS on partition 3 from what I'm gathering from the stuff I've read and was told to me.

It has to work somehow because I see kids using these sticks, hi hi.
And I honestly don't think any of them are all that smart about much of anything, but still made their own, and they work.
Of course, they would never admit they had to have help or that it took them several tries, hi hi.

User avatar
yogi
Posts: 5658
Joined: 14 Feb 2015, 15:49

Re: Way To Go - Finally

Post by yogi » 18 Sep 2019, 15:18

I know it is possible to install a Linux OS onto a bootable USB memory stick. I've done it and still have a few of them laying around. This was all done in a world where only MBR existed. Actually, the latest working versions worked in UEFI that was simulating MBR and BIOS. The problems didn't start to occur until I got the MSI laptop which is all GPT and UEFI. At first I thought like the rest of the world, that is to say, UEFI is screwed up. I no longer think that way. I'm convinced the problem is with Linux and the developers who claim they have overcome the UEFI problems of old.

You have the right idea for one approach to creating the USB stick of my dreams. The stick must be formatted and partitioned in a specific way on an MBR machine. I just happen to have one of those where my reliable Windows 7 is running. Once the partitions are created, then it's just a matter of installing the OS to the right partition, generally an ext4 formatted partition. The partition ahead of the ext4 is FAT and only 200 MB. This is where the UEFI instructions would go if there were any UEFI instructions. It's not needed or recognized by the old BIOS/MBR system. Ahead of those two is a third partition of 2MB in size. This is the first partition on the stick and is equivilant to what would be a Master Boot Record (MBR) on a hard drive. In other words, that's where the boot management software goes (GRUB). I got all that done. No problem.

Today I discovered that Linux Mint comes in a version that is LTS and with an Xfce desktop. The Xfce desktop is what I had to use in order to install OS's on the laptop alongside of Windows. It wasn't a Windows problem but rather an nVidia problem. For whatever reason Xfce gets around the nVidia issue. So, I was happy to see Mint in that flavor but sad to say goodbye to Cinnamon. Or, so I thought. I partitioned the USB stick as described above and installed Mint. Installation failed exactly like it did the first time I tried this; it stops when it gets to the timezone setting during installation. I rebooted and tried again and this time it installed. I did not attempt to delete whatever was in the partitions after the failed install. I'm sure the installer does that for me anyway.

The next and final step is to boot into the newly installed Linux Mint and copy over the required UEFI files to their designated partition. This has to be done in the BIOS/MBR environment because UEFI has not been installed yet. Well ... the USB does not boot. My BIOS doesn't even recognize it as bootable media. While I can't look at it directly, it does appear as if a GRUB image was installed in that first (MBR) partition. My BIOS, however, does not recognize it and will not allow booting to it.

I'm very frustrated at this point because I know I'm a fairly intelligent person but my computer and the world of Linux is calling me stupid. One of them is broken. I'd like to say it's Linux, but it could be my computer too. I'm very close to trashing it all and buying some Apple Computer hardware. I'd do that but it would work way too well. I'd have nothing to do in my spare time and the become depressed. Antidepressants are very expensive, so I'm not sure I'll actually go that route.

Post Reply