We just talk about different things. You mentioned SECURITY updates. Not bug corrections, not feature requests - SECURUTY updates. And when I answered that security updates are quite rare thing if you use an Operating System - you changed the theme to feature requests (you need Webmail and smartphone sync).
A government spokesperson states that any disclosure of classified material is harmful to our national security.
JFYI: Long time ago I worked with (then) top secret information in some Soviet scientific institution (Disclaimer: This info is a GPS coordinates and is not secret anymore). I have found that a fraudster pseudo-scientist successfully used the top secret status to cover his activity from scientific community and to milk the Russian military-industrial complex with his pseudoscientific activities.
I cannot believe that similar over-secrecy with similar results cannot happen everywhere, including US.
If you want the NSA/FBI/CIA to stop spying on everyone, abolish them. Then enjoy your free country for about a year, because that is as long as it will last.
Once upon a time I worked with a company whose competitors had an influence in SORM system (the Russian phone interception system for investigation). Of course, all our clients came to them. We became happy only after our boss began working from home and secretly rented a phone line from his neighbor.
Now imagine how much YOUR economy loses due to leaks of your secret info to competitors via bribed agents of 3-letters. No wonder that your free country is no more free.
Mne chto, pokryt' tebya russkim matom, chtoby ubedit' v obratnom? I know about LG Smart TV. I simply don't watch TV since there is pro-Putin propaganda and stupid serials specially crafted to make Putin's electorate more controllable. The only satisfactory channel is "Kultura".
Soviet anecdote: Pet'ka comes to Chapaev (Chapaev was a famous Red commander during Civil war and a hero of lots of anecdotes). Chapaev: Pet'ka, why haven't you ironed your uniform? Pet'ka: This morning I turned on my radio and could receive nothing except translation of XXV Congress of Communist Party of the Soviet Union. I tried a TV and there was the Congress too. And I was afraid to turn on an iron.
Hope you understand how we Russians love a TV.
And the last. THEY will NOT monitor what I watch. If everything goes OK and our TV becomes at least as good as during Soviet era, with education programs, good cartoons for children a.s.o., I would watch it with DVB-2 receiver which never reports anything. If not, I'll watch P2P downloads which shall be untraceable due to efforts of your *AA to suppress everything traceable. Really, they are untraceable already.
"The security updates are for the server itself. If you think its ok to run a mail server and not be paying attention to security updates. Well... "Throw away this beleif.":)"
Yes, I do according to security _advisories_ for my system which I check regularly. The last time I did so was 10 years ago. If YOUR server needs security updates more often - maybe it's executable has.exe extension?
Security by obscurity is never a good thing. Basically, if you think that your door will never be kicked down because THEY don't know about your belongings - you are wrong. Your door should never be kicked down because it's strong enough. And while they kick you should have enough time either to shoot or to exfiltrate.
You live in your cardboard and sheetrock cabins - and think it's normal. The normal building is at least wooden one where you need a chainsaw to enter. Here in Russia the Police needs about a hour and a grinding machine to enter an apartment against owner's will.
If you believe that anti-virus and security updates are really needed then you possibly believe that the program should have.exe extension to be executable. Throw away this belief. After this your only problem will be spam. And it's quite easy to fight. You just tell your important correspondents to include some keyword to header and tune your mail client to mark it as NOT SPAM. Every other mail is sorted by built-in spam filter of your client.
Since it isn't obvious, there are two ways that VPNs help:
(1) They mix your traffic in with everybody else using the same proxy -
Once upon a time when the trees were green I logged to some VPN. Then I found the output proxy address of this VPN and entered
$ ssh this_address
- and logged into my own system. It means that this specific proxy does NOT mix any traffic. And BTW I don't fear NSA which supervises this VPN, I fear only The Party. And also if you think that The Party cannot separate your traffic from the mix - you are wrong.
It's correctable. Just ask your congressman to make your everyday activity punishable. Here in Russia I read about 3 reports per day about people punished due to use of social networks to publish dissent with official national policy.
It is just why I always insist that any so-called Crypto Phone Program is basically worthless since any of them does nothing to hide a FACT of communication between specific persons. The 3-letter agencies need not know the conversation itself since they can always torture it out of your correspondent.
Now, I see some developments in this direction but all of them are quite far from fruition since every really anonymous protocol is by definition slow.
As a Russian citizen I doubt. You know, the strength of US Dollar is based on the fact that it's the only currency exchangeable to petroleum, and every country that uses any other currency for this purpose becomes democratic. (Saddam sold oil for Euros, and his country became democratic, Lybia sold oil for Euros and became democratic too, Iran sold oil for gold and will surely become democratic immediately after Syria).
I believe that the only method to get rid of such threat is to make files executable by change of their attributes, not their extension. You understand what I mean;-)
As I understand, there are at least 2 purposes for monitoring the network: debugging and spying. I believe that due debugging is already built-in. But spying is a concern, especially since the Russian authorities have required the ISPs to preserve ALL data traffic in their network for 12 hours for further investigation. What about NSA?
Sorry, ladies and gentlemen. I was a longtime fan of Radeons, and I bought me a new shiny Radeon+Phenom notebook - just to find that the Radeon X-Windows drivers don't support FreeBSD anymore. They need a Kernel Mode Switch that is obviously absent. Now the FreeBSD team implements it while my book collects dust. The Nvidia drivers are closed-source and glitchy - but at least they exist and they work.
Excuse me but I see the following there at ekiga.org:
Get your personal Free SIP address at ekiga.net.
What does it basically mean: that there is a central repository of ekiga addresses and contact info. It means that every 3-letter agency that possibly controls the repository can collect metadata about ekiga contacts. For instance, if I request a contact info about Osama bin Laden then there are chances that I am Al-Qaeda member and should be checked.
Moreover. In order for people to be able to call me there should be some repository that always knows my address. And the same repository can be queried to discover my real physical position (and direct a drone there).
Really, I am GLAD that Microsoft makes problems for a Skype community. Reason is that Skype is as compromised as any other existing VoIP protocol now, and in post-Snowden era it became crystal clear.
I don't worry about crypto phone per se. With modern crypto protocols creation of a VoIP utility that encrypts the conversation is trivial. Problem is a collection of metadata by 3-letter agencies about the calls which leads to discovery of your contacts and torturing your secrets out of them. You name it "rubberhose cryptoanalysis", we Russians prefer the term "thermorectal cryptoanalysis" meaning a hot soldering iron in subject's anus.
I don't know any such program. There are TOR and I2P messengers but no such VoIP programs. maybe YOU know something about them?
If such a program emerges AND Skype is being undermined by Microsoft itself the transition to the new program will be fast enough.
I believe that it's the existence of insecure sites that promotes the creation of immune software. And [TINFOIL MODE ON] that the existence of services that mark sites as harmful allows the vulnerable software to exist and to give a profit.
I should mention that the printers with built-in Postscript "just work" under any kind of *nix. No more specific drivers, font problems, bad picture scaling etc. I have 2 of them (bw and color) and I remember a Windows-only device and Ghostscript driver for it as a terrible nightmare.
Unfortunately, I've never seen a cheap Postscript printer-scanner.
She cannot be on a bridged modem since it would mean that only the computer that terminates the PPPoE connection will be online. It's not the case. Also, MY provider gives me a new address each time I log in. Other policy should be a waste of precious IPV4 addresses and so ISP have no incentive to use it. In order to have a fixed IP I should pay about 1/3 of my total Internet access fee.
If the Windows computer is behind the NAT and no DMZ or port redirection configured (which is a case for a freshly reset modem router in router mode, not in a bridge mode) no [expletive] SYN should ever reach it without some program that opens the NAT for itself. And I strongly believe that it's the router that should protect your computer. So your post is basically irrelevant, you shall be assimilated.
Going to Cops is possible ONLY with satisfactory PROOF of criminal activity. In other words, it's YOUR duty to find all the viruses, troyans and other beasts, study them, find the person who intentionally installs them and then pass all the evidence to cops. To do it you should be a guru yourself and need no expletive cops.
Low level formatting? Really? You should begin with only 2 devices: clean modem and clean computer. To have a clean modem, it's better to replace it with a known good modem in order to be able to repeat the problem if needed. DSL modems are dirt cheap here in Russia and should be dirt cheap in USA. Be sure that Dynamic DNS is OFF.
The clean computer is produced by downloading any of millions of live Linuxes (and Windows too, but I don't recommend this for technical and copyright reasons) and disconnection of your HDD.
You may ask your neighbor for modem and notebook for this purpose.
Then, when you are logged in and have access to your router, you should look at modem stats. You should look specifically at Signal to Noise ratios (or Noise Margins) both for Upstream and Downstream, and Attenuations, also for both up and down. Margins should be at least 10 decibels, and all four parameters should be rock stable; if not - you have a wire problem that should be fixed by phone technicians, neither ISP nor you.
I've personally seen that DSL works with NEGATIVE margin and gives 64 kbit/s but it was an extreme case that has been fixed by changing an ISP after a lot of scandal.
My distance from switch is 1 kilometer, US rate 575 kbps (Capped by provider), DS rate 7196 (capped by provider), DS attenuation 17, US attenuation: 10, DS margin 17, US margin 1817 (Bug in OpenWRT?).
In this idle state your system should be OK for indefinitely long time while your patience lasts. If not - then it's NOT your problem and you should ask for help from your provider.
And only THEN you should add all your computers and other devices and look for the one that causes the disruptions.
For the future I recommend:
Look at OpenWRT hardware list and find an OpenWRT compatible modem (Yes, I know it's difficult. But I have 3 modems of 2 models so it's not impossible). Install it and have a minimal experience in OpenWRT.
Make a reasonable effort to get rid of Windows at least on computers that are not used for gaming. Anything else - MacOsX, Linux, Android, Ipad etc.
Erase your HDD. Make a clean install of your Windows with all the drivers and utilities and backup it to flash or DVD.
Have a HDD to USB adapter and a spare HDD. When you have a possible virus, restore a backup to this HDD. Start a clean copy with AV tools, then attach an old HDD and scan it.
Have a separate archive HDD (or at least an archive partition) and it's copy stored offsite.
Slashdot Mirror
We just talk about different things. You mentioned SECURITY updates. Not bug corrections, not feature requests - SECURUTY updates. And when I answered that security updates are quite rare thing if you use an Operating System - you changed the theme to feature requests (you need Webmail and smartphone sync).
In Soviet Russia, it is not named OS. We name it "a graphically decorated cheap shell (or bootloader) with a strong smell of mice". You understand.
A government spokesperson states that any disclosure of classified material is harmful to our national security.
JFYI: Long time ago I worked with (then) top secret information in some Soviet scientific institution (Disclaimer: This info is a GPS coordinates and is not secret anymore). I have found that a fraudster pseudo-scientist successfully used the top secret status to cover his activity from scientific community and to milk the Russian military-industrial complex with his pseudoscientific activities.
I cannot believe that similar over-secrecy with similar results cannot happen everywhere, including US.
If you want the NSA/FBI/CIA to stop spying on everyone, abolish them. Then enjoy your free country for about a year, because that is as long as it will last.
Once upon a time I worked with a company whose competitors had an influence in SORM system (the Russian phone interception system for investigation). Of course, all our clients came to them. We became happy only after our boss began working from home and secretly rented a phone line from his neighbor.
Now imagine how much YOUR economy loses due to leaks of your secret info to competitors via bribed agents of 3-letters. No wonder that your free country is no more free.
Mne chto, pokryt' tebya russkim matom, chtoby ubedit' v obratnom? I know about LG Smart TV. I simply don't watch TV since there is pro-Putin propaganda and stupid serials specially crafted to make Putin's electorate more controllable. The only satisfactory channel is "Kultura".
Soviet anecdote: Pet'ka comes to Chapaev (Chapaev was a famous Red commander during Civil war and a hero of lots of anecdotes).
Chapaev: Pet'ka, why haven't you ironed your uniform?
Pet'ka: This morning I turned on my radio and could receive nothing except translation of XXV Congress of Communist Party of the Soviet Union. I tried a TV and there was the Congress too. And I was afraid to turn on an iron.
Hope you understand how we Russians love a TV.
And the last. THEY will NOT monitor what I watch. If everything goes OK and our TV becomes at least as good as during Soviet era, with education programs, good cartoons for children a.s.o., I would watch it with DVB-2 receiver which never reports anything. If not, I'll watch P2P downloads which shall be untraceable due to efforts of your *AA to suppress everything traceable. Really, they are untraceable already.
"The security updates are for the server itself. If you think its ok to run a mail server and not be paying attention to security updates. Well ... "Throw away this beleif." :)"
Yes, I do according to security _advisories_ for my system which I check regularly. The last time I did so was 10 years ago. If YOUR server needs security updates more often - maybe it's executable has .exe extension?
Your best bet is a thick layer of data that defines you as normal, therefore boring.
You don't live in a country where normal is punishable.
Security by obscurity is never a good thing. Basically, if you think that your door will never be kicked down because THEY don't know about your belongings - you are wrong. Your door should never be kicked down because it's strong enough. And while they kick you should have enough time either to shoot or to exfiltrate.
You live in your cardboard and sheetrock cabins - and think it's normal. The normal building is at least wooden one where you need a chainsaw to enter. Here in Russia the Police needs about a hour and a grinding machine to enter an apartment against owner's will.
If you believe that anti-virus and security updates are really needed then you possibly believe that the program should have .exe extension to be executable. Throw away this belief. After this your only problem will be spam. And it's quite easy to fight. You just tell your important correspondents to include some keyword to header and tune your mail client to mark it as NOT SPAM. Every other mail is sorted by built-in spam filter of your client.
Since it isn't obvious, there are two ways that VPNs help:
(1) They mix your traffic in with everybody else using the same proxy -
Once upon a time when the trees were green I logged to some VPN. Then I found the output proxy address of this VPN and entered
$ ssh this_address
- and logged into my own system. It means that this specific proxy does NOT mix any traffic. And BTW I don't fear NSA which supervises this VPN, I fear only The Party. And also if you think that The Party cannot separate your traffic from the mix - you are wrong.
I don't have anything the NSA is interested in.
It's correctable. Just ask your congressman to make your everyday activity punishable. Here in Russia I read about 3 reports per day about people punished due to use of social networks to publish dissent with official national policy.
It is just why I always insist that any so-called Crypto Phone Program is basically worthless since any of them does nothing to hide a FACT of communication between specific persons. The 3-letter agencies need not know the conversation itself since they can always torture it out of your correspondent.
Now, I see some developments in this direction but all of them are quite far from fruition since every really anonymous protocol is by definition slow.
As a Russian citizen I doubt. You know, the strength of US Dollar is based on the fact that it's the only currency exchangeable to petroleum, and every country that uses any other currency for this purpose becomes democratic. (Saddam sold oil for Euros, and his country became democratic, Lybia sold oil for Euros and became democratic too, Iran sold oil for gold and will surely become democratic immediately after Syria).
And I fear that China will become democratic too.
I believe that the only method to get rid of such threat is to make files executable by change of their attributes, not their extension. You understand what I mean ;-)
As I understand, there are at least 2 purposes for monitoring the network: debugging and spying. I believe that due debugging is already built-in. But spying is a concern, especially since the Russian authorities have required the ISPs to preserve ALL data traffic in their network for 12 hours for further investigation. What about NSA?
Sorry, ladies and gentlemen. I was a longtime fan of Radeons, and I bought me a new shiny Radeon+Phenom notebook - just to find that the Radeon X-Windows drivers don't support FreeBSD anymore. They need a Kernel Mode Switch that is obviously absent. Now the FreeBSD team implements it while my book collects dust. The Nvidia drivers are closed-source and glitchy - but at least they exist and they work.
Viber requires my cell phone number as an ID and so allows the 3-letter agencies to discover my real identity. You miss.
Also, their FAQ does not say a word about security. And the last - I see no link to sources.
Excuse me but I see the following there at ekiga.org:
Get your personal Free SIP address at ekiga.net.
What does it basically mean: that there is a central repository of ekiga addresses and contact info. It means that every 3-letter agency that possibly controls the repository can collect metadata about ekiga contacts. For instance, if I request a contact info about Osama bin Laden then there are chances that I am Al-Qaeda member and should be checked.
Moreover. In order for people to be able to call me there should be some repository that always knows my address. And the same repository can be queried to discover my real physical position (and direct a drone there).
Really, I am GLAD that Microsoft makes problems for a Skype community. Reason is that Skype is as compromised as any other existing VoIP protocol now, and in post-Snowden era it became crystal clear.
I don't worry about crypto phone per se. With modern crypto protocols creation of a VoIP utility that encrypts the conversation is trivial. Problem is a collection of metadata by 3-letter agencies about the calls which leads to discovery of your contacts and torturing your secrets out of them. You name it "rubberhose cryptoanalysis", we Russians prefer the term "thermorectal cryptoanalysis" meaning a hot soldering iron in subject's anus.
I don't know any such program. There are TOR and I2P messengers but no such VoIP programs. maybe YOU know something about them?
If such a program emerges AND Skype is being undermined by Microsoft itself the transition to the new program will be fast enough.
I believe that it's the existence of insecure sites that promotes the creation of immune software. And [TINFOIL MODE ON] that the existence of services that mark sites as harmful allows the vulnerable software to exist and to give a profit.
I should mention that the printers with built-in Postscript "just work" under any kind of *nix. No more specific drivers, font problems, bad picture scaling etc. I have 2 of them (bw and color) and I remember a Windows-only device and Ghostscript driver for it as a terrible nightmare.
Unfortunately, I've never seen a cheap Postscript printer-scanner.
She cannot be on a bridged modem since it would mean that only the computer that terminates the PPPoE connection will be online. It's not the case. Also, MY provider gives me a new address each time I log in. Other policy should be a waste of precious IPV4 addresses and so ISP have no incentive to use it. In order to have a fixed IP I should pay about 1/3 of my total Internet access fee.
If the Windows computer is behind the NAT and no DMZ or port redirection configured (which is a case for a freshly reset modem router in router mode, not in a bridge mode) no [expletive] SYN should ever reach it without some program that opens the NAT for itself. And I strongly believe that it's the router that should protect your computer. So your post is basically irrelevant, you shall be assimilated.
Going to Cops is possible ONLY with satisfactory PROOF of criminal activity. In other words, it's YOUR duty to find all the viruses, troyans and other beasts, study them, find the person who intentionally installs them and then pass all the evidence to cops. To do it you should be a guru yourself and need no expletive cops.
Low level formatting? Really? You should begin with only 2 devices: clean modem and clean computer. To have a clean modem, it's better to replace it with a known good modem in order to be able to repeat the problem if needed. DSL modems are dirt cheap here in Russia and should be dirt cheap in USA. Be sure that Dynamic DNS is OFF.
The clean computer is produced by downloading any of millions of live Linuxes (and Windows too, but I don't recommend this for technical and copyright reasons) and disconnection of your HDD.
You may ask your neighbor for modem and notebook for this purpose.
Then, when you are logged in and have access to your router, you should look at modem stats. You should look specifically at Signal to Noise ratios (or Noise Margins) both for Upstream and Downstream, and Attenuations, also for both up and down. Margins should be at least 10 decibels, and all four parameters should be rock stable; if not - you have a wire problem that should be fixed by phone technicians, neither ISP nor you.
I've personally seen that DSL works with NEGATIVE margin and gives 64 kbit/s but it was an extreme case that has been fixed by changing an ISP after a lot of scandal.
My distance from switch is 1 kilometer, US rate 575 kbps (Capped by provider), DS rate 7196 (capped by provider), DS attenuation 17, US attenuation: 10, DS margin 17, US margin 1817 (Bug in OpenWRT?).
In this idle state your system should be OK for indefinitely long time while your patience lasts. If not - then it's NOT your problem and you should ask for help from your provider.
And only THEN you should add all your computers and other devices and look for the one that causes the disruptions.
For the future I recommend:
Look at OpenWRT hardware list and find an OpenWRT compatible modem (Yes, I know it's difficult. But I have 3 modems of 2 models so it's not impossible). Install it and have a minimal experience in OpenWRT.
Make a reasonable effort to get rid of Windows at least on computers that are not used for gaming. Anything else - MacOsX, Linux, Android, Ipad etc.
Erase your HDD. Make a clean install of your Windows with all the drivers and utilities and backup it to flash or DVD.
Have a HDD to USB adapter and a spare HDD. When you have a possible virus, restore a backup to this HDD. Start a clean copy with AV tools, then attach an old HDD and scan it.
Have a separate archive HDD (or at least an archive partition) and it's copy stored offsite.