Showing all posts tagged: security

Windows 11 forces data backup to OneDrive, possible workaround

26 June 2024

Maybe it’s time to start a Windows 11 is going just great website, similar to Molly White’s Web3 is Going Just Great. I say this after reading about another instance of heavy-handedness on Microsoft’s part, at Neowin:

Quietly and without any announcement, the company changed Windows 11’s initial setup so that it could turn on the automatic folder backup without asking for it.

Quietly and without any announcement. What a way to treat customers/users. OneDrive is a little like Apple’s iCloud, which stores data (files, photos) according to choices made by the individual. The difference, now, between iCloud and OneDrive, is one is user configurable, the other isn’t.

This is foul. Every time OneDrive tried to open on my old Win 10 install, I promptly closed it down. No doubt Microsoft was watching my every move as it was, but there was no way I’d trust them with copies of my data files.

As a result of this move though, some inadvertent OneDrive users are apparently finding their auto-backed up data exceeds the default five gigabyte OneDrive folder limit. Any excess above five-gigs needs to be paid for. Marvellous.

But there may, possibly, be a workaround.

It involves transferring (cut/copy and paste) all files from the default data folders, e.g. Documents, and moving them to a separate folder on your hard drive. Perhaps call the new folder My Data, and then set up sub-folders inside that for your data, e.g. photos, word documents, etc, etc. This is what I’ve been doing all along, I’ve never kept anything in those default folders. I even set up my own separate downloads folder, and configured all downloads to save there.

Trying this might keep data and files out of OneDrive’s reach. For now, anyway.

Despite using Dropbox for a lot of the files I use daily, I also keep backups of everything on thumb drives (which are stowed securely elsewhere). It was a bit of work to set up, but is quick and easy to use now. Hopefully my data storage system also helps keeps my data and files a little more secure.

RELATED CONTENT

, , ,

What about anti-virus apps? On going #IndieOS with Linux

14 June 2024

As I wrote a few days ago, I’m in the process of trying out Linux operating systems, specifically Linux Mint. With the release of Windows 11, I think Microsoft has (finally) jumped the shark. Others will probably argue that happened long before Win 11 came along. They’re likely right.

I’ve been doing a lot of reading about Mint, and what apps I might need to run the OS as smoothly as possible. Inevitably, the question of anti-virus (AV) software came up, something I posed to my search engine. I was quite surprised to read that anti-virus software isn’t (necessarily) needed on Linux OS’s.

Needless to say, I did a double take when I saw that. Isn’t going without an AV app foolhardy in this day and age? Well, yes in general, but in regards to Linux, possibly. That’s because there are a few factors at play. For one, devices with Linux OS’s are only present in relatively small numbers. As such, they’re not worth the effort for most writers of malicious code.

Targeting Linux wouldn’t cause enough disruption for them apparently. I’d say there though, disruption to even one person’s computer would be devastation in spades. But let’s hold to the hope that writing Linux viruses is, for the most part, a waste of time.

Then there’s the difficulty of running malicious code, on account of the permissions setting structure of Linux. Someone would almost knowingly need to install a virus file for one to take hold. I’ve only been using Mint a few days so far, but each time I install an app, I’ve needed to enter a password.

That might present a huddle when it comes to executing a virus. Another point is just about every Linux app is only available by way of an app store. And only vetted, safe apps, are included in the store. If apps are sourced solely through Linux stores, supposedly a system will remain safe.

I have no doubt that viruses present far less of a threat to Linux computers, but still feel nervous about being without some sort of AV protection, as useless as some Linux users claim it to be. So I’ll see how I go. But it made me wonder. Is the whole AV industry a by-product of the vulnerabilities in one family of operating systems?

Malicious code presents a problem for all platforms, so that’s unlikely to be the case, even if it might be fun to think as much. On the other hand, it seems to me the family of operating systems in question, is the virus itself, in so much as it now seeks to dominate, and control, its users.

While the jury may be out — in my mind at least — as to the question of AV apps for Linux, I’m sure that taking this step into the realm of what I’m calling #IndieOS, is the right one. And why not?

If #IndieWeb represents a move away from an internet under the control of large corporate entities, to one where individuals have more sway, then migrating to Linux is adopting an OS that likewise gives individuals similar control. #IndieOS? Yep, that’ll do me.

RELATED CONTENT

, , ,

Stalkerware users should be watching themselves, not others

21 March 2024

Sydney based Australian author Kerri Sackville, writing for The Sydney Morning Herald, on the subject of stalkerware, insidious apps that track the activities of a person you want to keep tabs on:

But I had nothing to gain from spying on him because I already knew what to do. In intimate partnerships, the desire to spy can only mean one of two things: that something is terribly wrong in your relationship, or that something is terribly wrong with you. If it’s the former, the solution is not to dig up answers; the solution is to get out of the relationship.

But trust, or lack thereof, isn’t necessarily why people use stalkerware apps. They sometimes also seek to control and coerce those they are monitoring. To them, it has little to do with trust. It’s more about rampant entitlement. They somehow feel as if they have every right to spy on someone, and as such are completely oblivious to the wrong they are doing.

Something is indeed terribly wrong with such people.

RELATED CONTENT

, , ,

Privacy warning: your car may be monitoring your sex life

12 September 2023

The Mozilla Foundation, which is part of the same organisation that produces the Firefox web browser, and the Thunderbird email client, recently examined twenty-five car brands, and found consumer privacy left — to put it mildly — much to be desired. In fact, the foundation discovered cars to be in the “official worst category of products for privacy” that they had ever seen:

Car makers have been bragging about their cars being “computers on wheels” for years to promote their advanced features. However, the conversation about what driving a computer means for its occupants’ privacy hasn’t really caught up. While we worried that our doorbells and watches that connect to the internet might be spying on us, car brands quietly entered the data business by turning their vehicles into powerful data-gobbling machines. Machines that, because of their all those brag-worthy bells and whistles, have an unmatched power to watch, listen, and collect information about what you do and where you go in your car.

Not only did the majority of car brands that were studied collect large quantities of personal data, they were also highly inclined to on-sell that information. But there’s more. Some car brands were found to be gathering information about the “sexual activity” of customers. In other words, if you’re thinking about having sex in your vehicle, think again. Your car may be monitoring, and recording…

RELATED CONTENT

, ,

United States government is considering a full TikTok ban

2 March 2023

Lawmakers in the United States are considering legislation to ban the use of video sharing app TikTok, citing national security concerns:

On Tuesday, the House Foreign Affairs Committee was expected to move forward with a bill that would give President Joe Biden the authority to ban TikTok from all US devices. That’s an estimated 130 million US users. A ban would require passage by the full House and the Senate before the President can sign it into law.

While there are concerns ByteDance, the company who owns TikTok, is sharing user data with the Chinese government, a blanket ban on the app would be a drastic move. I don’t know what the numbers are, but there must be fair few Americans — TikTok influencers for instance — whose livelihoods could be threatened by outlawing TikTok.

RELATED CONTENT

, ,

Blockade Australia protestors forced to surrender smartphones, passcodes

29 June 2022

Say what you will about the recent Blockade Australia protests (do we not now have a climate-change friendly government?), but the conduct of police in dealing with the protestors they have been detaining has been causing alarm.

According to Digital Rights Watch, an organisation dedicated to protecting the digital rights of Australians, some arresting officers are demanding alleged offenders hand over devices such as smartphones, and also surrender access passcodes.

Digital Rights Watch has also been made aware of an incident where an individual who was simply near a location thought to be connected with Blockade Australia activities has had their phone seized by police. The police made a number of attempts to guess the passcode before handing the phone back.

Posted at Daring Fireball yesterday, and possibly useful: how to temporarily disable face id or touch id, and require a passcode to unlock your iPhone or iPad.

RELATED CONTENT

, ,

How locks, including the unpickable Enclave lock, work

27 June 2022

The Enclave lock, designed by Andrew Magill, comes with the claim that it cannot be picked. This might be the news the security conscious have been waiting for.

Some locks are more difficult to pick than others. Some have more perfect tolerances, or more positions, or keyways that are more difficult to fit tools into, or parts that move in unusual ways, or parts designed to mislead pickers, and so on. But these are only incremental improvements, and don’t address the fundamental flaw. The solution is to make it so that the two steps- accepting input, and testing that input- can never happen at the same time. When those two steps cannot interact with each other, a well-designed lock will never reveal information about the correct positions of its individual parts, nor can they be made to ‘fall into’ their unlocked positions through manipulation.

Watch the video clip for the Enclave lock though. As well as demonstrating Magill’s new lock, it also shows how conventional locks work. Quite fascinating.

RELATED CONTENT

, , ,