Reasons for Distrust: Yahoo, Microsoft, Apple, FBI / NSA

It is common for a network or server administrator to talk about 'reducing the attack surface.' To use a house metaphor, it's harder to break into a building if it has only a few doors and windows; the fewer the services are accessible, the harder it is for a hacker to break in. The same can be done with privacy--control the flow of information about you. Several weeks ago I began a personal journey to lock down data for the sake of the privacy of my family. I have Yahoo to thank for this motivation to do this.

For those not savvy, Yahoo, search engine and free e-mail provider had a bad couple of weeks. First, a hack which exposed the personal information of half a billion e-mail accounts was made public. That's a lot. Worse yet, the hack happened in 2014, which means that Yahoo either tried to cover it up or just didn't bother informing the public about this because, well, it must not have been that bad or that important. Second, Reuters published an article about a clandestine e-mail scanning program built by Yahoo itself because of a classified U.S. government demand. Ouch. I wouldn't want to work in the PR department there.

Public statements in instances like this need to be examined closely for both what is said and what is not said. Shades of truth are common and deception without outright lying is the norm. For example:

Google: "We've never received such a request, but if we did, our response would be simple: 'No way'."

This only denies having received a request for scanning e-mails. This does not in any way refer to other possible requests, such as access to servers, the ability to intercept network traffic, or any of a variety of other less-than-reputable actions. Considering the long history Google has of privacy concerns, this is unfortunately suspect. A spokesperson from Microsoft was even more obvious:

Microsoft: "We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo."

A statement like this leaves the door wide open for denying the specific actions of Yahoo without saying anything else. Microsoft has a history of problems, including potential collaboration with the NSA, the arm of the federal government responsible for espionage, intelligence, and government-sponsored hacking. Combined with their abuses of their customers with Windows 8, the  Windows 10 upgrade, and many other ways, they are not to be trusted at all. Ever.

Facebook had a similar response:

“Facebook has never received a request like the one described in these news reports from any government, and if we did we would fight it.”

This statement is a little less discouraging, considering that it includes 'any government,' but Facebook's privacy practices do little to put it into a positive light.

Please understand that good people also work for these companies and for the government. The problem is that people with power in these organizations don't necessarily have the interests of the people in mind or have an "ends justify the means" type of mentality. Unfortunately, this means that we, the common people, have to not trust our government to look out for us and many large corporations because of it. Yahoo has resisted federal action before and complied out of threat of heavy fines. Apple and the FBI went back and forth about unlocking an iPhone. Occasionally their hands are tied and sometimes they are bullied into submission. Whatever the reason, the results are, unfortunately, the same.

Apple, although very good at making easy to use, desirable products, trades this usability for control. As a company, it keeps very tight control over its products and what people are able to do with them. Some reasons are technical, but others are very much not. Following the Yahoo scanning incident, they would not make a comment on the record about it, merely referring to CEO Tim Cook's privacy letter. Apple doesn't always have the best security practices and wants you to stay close to them and buy lots of stuff, but at least they respect your privacy.

Given the actions of these major players in the computer industry and multiple security holes in smartphone technology, maintaining your privacy and a decent amount of digital security is hard, but it doesn't have to be impossible. Based on the evidence and their actions both in this incident and in the past, on the other hand, trusting the government is impossible and many, but not all, companies have earned a healthy distrust by their customers. Let's find a better road together, everyone.

Update: Add AT&T to the list. Apparently they like to spy on their cell customers, as well.

A Slightly Different Direction: Fun, Usability, Privacy, and Freedom

I know, I know, it's been like forever since I last posted on this blog. Life happens, right? In the two and a half years since my last article, I have left teaching and jumped into the IT field full-time. I have also developed a new, passionate reason for using Linux in addition to the usability and the lack of cost: freedom and privacy.

Some of you out there are probably rolling your eyes, and others could be thinking, "Look who just caught up!" Privacy and security are hard, particularly when you get into the technical bits. While standing up to the NSA is difficult at best and nearly impossible at worst, it is still possible for Joe Average to guard against the big stuff without a ton of inconvenience.

Look for new content with privacy, getting things done, having fun, and reasons why getting away from the big guys -- Apple, Google, Yahoo, and especially Microsoft -- is better for your well-being. Until next time, be well.

Watch Netflix in Linux Mint and Ubuntu

Netflix has become a standard among video streaming services. It does have one not-so-small drawback among fans of the Penguin: they do not support Linux at all and probably never will. This is not to say, though, that it does not work with Ubuntu-based distributions, such as Linux Mint.

Steps to Linux Wizardry: Braving the Murky Depths of the Terminal, Part 1

For many beginning Linux users, Mint or otherwise, the Terminal is an intimidating question mark which hearkens back to days of old when most regular people only knew of mice which were pests, not input devices. Although its way of working may seem antiquated in comparison to the shiny graphical interfaces sported by PCs today, it is by no means worthy of the trash can. In fact, present day Linux and UNIX system administrators would mutiny if forced to work without it. Much like a magic wand, a beginner must learn a few basics before any wizardry can begin and the incantations resemble gibberish to the unlearned and a unique language to the master. Today we will begin a series of articles dedicated to learning the basics of the Terminal program.

Making RenWeb Work with Ubuntu and Mint

RenWeb is a popular school information management system commonly used in private schools in the United States. Although it is not the only one out there, it is one I have personally used. My day job is teaching music and acting as resident technical support at a private school in central Ohio. What may or may not be well-known to many is that the company is quite Windows-centric. Macs and Linux machines have been in many ways left out in the cold, that is, until recently.

Sliding into Linux: Easing the Transition

One of the first articles written for Day-to-Day Linux was about how hard it is to change operating systems. For example, my own first experiences with Ubuntu years ago were quite frustrating. Sometimes the best kind of support is a friend, neighbor, or coworker. Effectively striking out on my own, all I had was me. As much as the community is helpful and there are many, many tutorials and HOWTOs online, it didn't make day-to-day use any easier. Even after I decided to take the plunge and make it the main operating system in my household, I still had plenty to learn. For a beginner, Ubuntu would have been a non-starter, even before the desktop overhaul that is Unity.

Even though there will be challenges and obstacles for someone making the transition from Windows, there are plenty of ways to make the learning curve much more gentle.

What's Open Source? Should I Care? Why?

If you've been reading or watching the news at all in the last six months, you have undoubtedly come across news stories about Edward Snowden and how he leaked classified documents to which he had access while working for the National Security Agency (NSA). Since that time, there people have taken a great interest in what the NSA does and how it does it. If the thought of complete strangers snooping into your business disturbs you, you are not alone, especially when espionage and shades of truth are the meat and potatoes of the particular branch of the U.S. government. It also means that open source software has become much more necessary for computer security.