Why You Should Care About Phone Metadata
Saw this over at Schneier’s Security site.
How your phone tracks your every move
His phone was leaving traces about 3x an hour and it wasn’t just GPS coordinates.
It is an ABC (Australian) report. They asked normal people to look at some metadata to figure out what they could know about a person. Bingo!
Be afraid. Be very afraid.
For everyone who doesn’t have an issue with this – fine. Send me all your emails, texts, tweets, G+ posts, FB posts, all contacts in every device you own, a list of everything you watch on TV, through Netflix, popcorn, all the torrents and photos from the last 6 months. After all, you don’t have anything to hide. Oh – and I don’t want just the nice, sanitized stuff. Send it all.
After all, you have nothing to hide.
Here’s what the public found in his metadata.
His final thoughts:
Having strangers poring over your data can be an unnerving experience but whether we’re aware of it or not that’s increasingly the case in the world we live in.
Getting Comprehensive System Information
Updated 2020 – a few better commands
Updated 2017 – tested on Ubuntu 16.04.
When you ask for computer help, the people who you ask could really use some basic information about the computer. That information includes:
- CPU
- Memory
- Video
- Networking
- Disk, partitions, LVM
Basically, I find myself asking for this same information over and over, day after day. The more accurate and detailed the provided information is, the better. However, gathering the information needs to be easy for the beginner too. That is the attempt here. Simple and easy to use for everyone, while not being so hard to audit that people have to make a huge leap of faith to trust it.
Ubuntu Landscape Nags at Login
Ever wanted to remove the Canonical nags shown at every login about landscape? I’ve seen those messages since 2007-ish and didn’t think much about it.
Someone online complained about the New release available – looked up how to make that go away and decided to remove the landscape nags too:
sudo apt-get purge landscape-common landscape-client landscape-client-ui landscape-client-ui-install
Really, only the landscape-common package seems necessary. With Ansible, removing those packages was pretty easy:
tasks/common_etc_landscape.yml

    ---
    # Remove each Landscape package listed below
    - name: Remove Landscape
      action: apt pkg={{ item }} state=absent
      with_items:
        - landscape-common
        - landscape-client-ui-install
        - landscape-client-ui
        - landscape-client

Linux Foundation Workstation Security
Recommended settings from the Linux Foundation Workstation Security
I do about 80% of their recommendations. Need to look over the things I’m not doing.
There are some smart items in there for Windows users too around password managers and web browsers. Read carefully.
Powerline Ethernet Adapters
First, we all know that wired ethernet is best. If the bandwidth specified isn’t seen, there are other issues. It isn’t the wires.
However, there are times when some other network method is needed. Typically, that is wifi, but we’ve learned over the years that wifi sucks too. The advertised connection rates do not reflect real-world bandwidth. Getting even half that amount is lucky. We’ve learned to live with it, since for most people anything over 10 Mbps is fine.
Troubleshooting ssh Connections
This is not meant for complete noobs. Hints for tools are provided only. If you don’t know the tool already, RTFM.
Most of these steps really aren’t necessary – they are included just to see if something commonly addressed automatically has been screwed up by you or the network guys. It is almost never the network, so be nice before accusing others of your mistake.
Let’s get started.
Advanced Routing with Linux
In short, if it can be done in networking, then your Linux system can probably do it – within the limitations of the connected hardware.
Linux Advanced Routing & Traffic Control HOWTO documents these things.
For example (stolen verbatim):
- Throttle bandwidth FOR certain computers
- Throttle bandwidth TO certain computers
- Help you to fairly share your bandwidth
- Protect your network from DoS attacks
- Protect the Internet from your customers
- Multiplex several servers as one, for load balancing or enhanced availability
- Restrict access to your computers
- Limit access of your users to other hosts
- Do routing based on user id (yes!), MAC address, source IP address, port, type of service, time of day or content
That’s just the short list. Much more is possible and the LARTC guide has examples for all sorts of things.
Space Shuttle Software Presentations
Mr. Jim Orr has published some presentations about the space shuttle flight software program. I used to work on this project in the late 1980s thru the early 1990s.
- Lists the 19 in-flight (or terminal countdown) failures of the Space Shuttle Primary Avionics Software System, along with impact of failure and actions taken.
- Unique data from the space shuttle program. Data are shown as annual failure rate (in-flight, plus other failures found in testing or training) versus the actual number of unknown (at the time of flight) errors in the flown system.
The GN&C FSW for the shuttles was developed under a CMMI-5 process. We were optimizing our process to be as efficient as possible, yet 100% bug free. It was a unique experience.
Everywhere else that I’ve programmed since always had different priorities. Good enough software was the goal, nothing more. Schedule (which is really budget) was usually set by some marketing person.
Anyway, I hope you notice the reduction in found bugs from 1990 to 1994 in those presentations. Cool – huh?
That is what a dedicated team of people can accomplish when their goals align. I’ve also seen what happens when teams do not have the same goals.
Life Changing Offer! 2
Just got this email and I’m excited! Might be able to completely change my life! Er … perhaps not. The first line is a little, er, familiar for a bank.
STIGS for Linux Security
Some Ansible STIG Stuff for RHEL 6
BTW – a STIG is a Security Technical Implementation Guide.
CIS Ansible for Ubuntu 14.04