Security Leftovers and Windows TCO

posted by Roy Schestowitz on Sep 12, 2024

• Linux Antivirus: Security in Open-Source OS

  sudo apt update && sudo apt upgradeUse a firewall (e.g., UFW) [...]

• A SpamAssassin surprise

  Here is a piece of advice for anybody wanting an easy and frustration-free life: do not run your own email system. While there are numerous advantages to keeping some control over your communications, there is also a long list of things that can go wrong. A recent failure of spam filtering on the LWN email system illustrated one of those ways, as well as shining a light on how even a seemingly independent email system is tied to other services across the net.

  Back in April, an important anniversary went mostly unremarked: it was a full 30 years since the sending of the still-famous "green-card spam". Those of us who were recipients of that missive were horrified at the time, but nowhere near as horrified as we would have been had we known what was coming. Almost overnight, email was transformed from a collaborative service to a pipeline that would be constantly abused by ill-meaning actors. Spam now dominates the email stream; this problem has driven many other changes to email, not all of which are good.

  For most of the last three decades, anybody wanting to run their own email system has needed some way of filtering out spam — at least, if they want that email system to actually be useful. There are a number of tools out there that can take on that task, but many of us rely on Apache SpamAssassin to keep the trash out of our inboxes. SpamAssassin combines a long list of heuristics (does the email start with "Dear beneficiary"? does it have a strange date? does it reference large amounts of money?) with a trainable Bayesian filter and the ability to query reputation services ("blocklists") on the Internet. It does not do a perfect job, but a well-trained SpamAssassin installation will identify most spam with a negligible false-positive rate.

• IT failure blamed for latest NHS pathology battering [Ed: Windows TCO]

  Unlike the issues still affecting London hospitals, the incident at Nottingham University Hospitals NHS Trust (NUH) was not believed to be caused by a cyberattack, but rather by a nondescript "IT failure."

• Windows 11's AI Recall won't be uninstallable, but it should be [Ed: Windows TCO]

  However, when a preview version of Windows 11 seemed to allow the option to uninstall Recall, Microsoft squashed the resulting buzz by saying it was an unintended bug. You can still disable Recall, but you can’t wholesale jettison it from your PC.

  That’s disappointing, because in the most simple terms, a truly secure PC is one that keeps your data out of unwanted hands. And if Microsoft opens up the potential for that information to get served to others, it should also allow fully closing off that possibility. The threat of a PC breach is constant in today’s world—the number and scope of phishing attacks continue to increase. Microsoft Recall is a prospective liability, since features that aren’t removed can always be switched back on or otherwise exploited. The option to uninstall Recall would eliminate a potential vulnerability at its root.