Interference with Personal Internet Communications: Asking Help / Opinions From FR Web Tech Guru's

White House ^ | 20 Nov 2020 | Sense

[Sense]

Did SolarWinds Make the Right Move in Hiring Former CISA Director Christopher Krebs?

https://freerepublic.com/focus/f-news/3925598/posts

If you consider this hire in relation to the history on this thread, in which Freepers (because targeted) exposed the bigger hack underlying the Solar Winds partial exposure... and see it mostly in relation to the “social hacking” element in particular...

Q: Why would anyone hire a guy who was exposed as being the most clueless... in an attempt to restore “integrity” lost due to that exact cluelessness ?

A: Because it suggests the only failure they recognize having occurred... was in getting caught.

Yes, events post “Solar Winds” suggest more over time that the hack was “Deep State” in origin... not “foreign” and not “domestic”... but “globalist” in origin... that including both foreign and domestic components... including a domestic Advanced Persistent Threat that “lost an asset” in the Solar Winds hack being exposed.

I’ve seen no credible effort being made to address any of the larger issues that were behind enabling the Solar Winds hack... which was only “an instance” of the exploitation of LARGER proven vulnerabilities.

The silence is the definitive answer...

[Sense]

Thought it worth an update here, with another pat on the back for the crowd here who helped to crowd source awareness of the vulnerability, and generate exposure of the hack, that enabled (among others) the Solar Winds exploit.

One of the core vulnerabilities we identified in this thread is now being addressed, in some small part, at least: The assumption that anyone with status as an approved system software provider should be “trusted” is being revised... their former grant of access to all the files in your system, by default, is being altered to enable “trusted provider” access to their own files, only, and not others.

Here’s how they’re addressing that in Ubuntu version 21:

...”for new installations of Ubuntu 21.04, or for users created on a machine that has been upgraded to Ubuntu 21.04, home directories will be private by default.

“For a lot of systems that have only one primary user, this change may not appear to have a huge impact. However, whilst these machines may have only one human user, they likely have other user accounts already on them which are created by various system services. This change now means that in the future if an attacker were to exploit some previously unknown vulnerability in a given system service that is running as a separate user, they would then not be able to access the data of any other user (both human or system service) on the system. This provides a more secure out-of-the-box experience for users and system administrators.”

https://ubuntu.com/blog/private-home-directories-for-ubuntu-21-04

I assume others are making similar changes to restrict how much system level access is granted based on “trust by default” of every and all of the peripheral players. The knock on and network effects of making that change should dramatically alter the intrinsic risk profile and security of everyone and everything... for a while, at least.

Will be interesting to note changes in the environment that result... as the pace of development in new exploits slows in response... and a lot of undiscovered exploits are shutdown because of the change... as the change is implemented. Legacy systems won’t be effected... so the primary impact should become apparent in an enhanced stability apparent in newer OS installations and upgrades.

Legacy systems should be able to be upgraded too, with some fairly simple inputs... at least in the linux/unix related communities... but herding the cats to enable it without it breaking things in legacy-land might be harder.

Anyway... thanks again for helping to make the digital world a safer place.