Security and your mother's Linux box

News
By published

Interview with security expert Ross Anderson

LXF: Because nobody's going to block the whole of Hotmail, or whatever it is?

RA: Hotmail isn't that bad, but you could think of one or two of the big British ISPs, that I won't name for libel reasons. If you send mail to abuse@ one of these companies dot com, nobody will read it. You might as well complain to the spammer himself, for all the good it will do.

So the proposal that we have [Anderson recently completed a report for the European Network and Information Security Agency], is that if you complain to abuse@ somebody or other dot com, and more than three hours after that, you get more phish or spam from the same infected machine, then you should have a legal right to claim €10 from them. No need to prove malice, no need to prove actual damage, just "here's the bill". A similar scheme has largely sorted out late flights, cancellations and overbookings among cheap airlines in Europe, because now you get €250 EasyJet or Ryanair bump you off the flight to Barcelona. You don't have to produce a whole bundle of hotel bills and car rental vouchers and argue the toss, you just send them the bill. If they don't pay, you go to the county court, and if they still don't pay, you get the bailiffs to go and collect – believe me, I've done it!

Once you can do that to your ISP, they will all of a sudden find that it's in their best interests to act as the small to medium ISPs do. The kit that you need to firewall machines only costs a couple of hundred grand, and that's nothing to a big ISP. It's just a matter of them making the effort, and having the incentive.

LXF: With a lot of consumer products, like wireless routers, there's no incentive like that – it's pretty much left to the end user to patch these devices, or flash them with new firmware...

RA: Get real! Is my mum going to do that?

LXF: OK then, what steps should an ordinary citizen take to improve their data security?

RA: Buy a Linux box or a Mac. I bought my wife a Mac, last time the Windows box got filled up with loads of spyware.

LXF: So you just don't think the problems with Windows can be solved?

RA: The poor boys at Redmond are doing what they can, but they've got an enormous mountain of legacy codebase to deal with. Although they are beginning to do some semi-sensible things with Vista, in terms of not having users run as root all the time any more, this breaks so many applications that it's hard to get much traction. You end up with this learned helplessness phenomenon, whereby people are trained to keep clicking away these annoying dialog boxes that say: "Do you really want to override this? Do you really want to dismantle your security? Do you really want to run as root?" blah, blah, blah. They have to, to get their work done. That's a fundamental problem of the whole [software] architecture.

From the point of view of a user who's only going to use the PC for web browsing, word processing and one or two other simple tasks like that, the best solution is to move to an alternative platform. The big opportunity, which some Linux distributions are now obviously seizing, is to produce Linux PCs and Linux laptops that just work, which don't need anyone to know what a Tar file is, let alone how to compile stuff.

-------------------------------------------------------------------------------------------------------

First published in Linux Format, Issue 114

Now read How to catch Linux system intruders

Sign up for the free weekly TechRadar newsletter
Get tech news delivered straight to your inbox. Register for the free TechRadar newsletter and stay on top of the week's biggest stories and product releases. Sign up at http://www.techradar.com/register

See more Computing News
TOPICS
Linux Format
Latest in Software
Apple WWDC 2025 announced
3 things Apple needs to do at WWDC 2025 to save Apple Intelligence, and why I'm convinced it will
Chat GPT-generated images along with source material
ChatGPT 4o image generation is so good we will never be able to trust iPhone renders (and photos) again
Discord Clyde
Discord's game overlay has seen a complete revamp - I've tried it, and it's one of the best updates ever
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
Youtube
YouTube Premium could be getting a new time-saving perk, showing you recommended videos directly in your playback queue
The Kiwi design K4 Boost Battery strap being worn by Hamish
I test VR headsets for a living, and this affordable headstrap is the first Meta Quest 3 accessory you should buy
Latest in News
An image of Pro-Ject's Flatten it closed and opened
Pro-Ject’s new vinyl flattener will fix any warped LPs you inadvertently buy on Record Store Day
EA Sports F1 25 promotional image featuring drivers Oscar Piastri, Carlos Sainz and Oliver Bearman.
F1 25 has been officially announced, with this year's entry marking a return for Braking Point and a 'significant overhaul' for My Team mode
Garmin clippd integration
Garmin's golf watches just got a big software integration upgrade to help you improve your game
Robert Downey Jr reveals himself as Doctor Doom to a delighted crowd at San Diego Comic-Con 2024
Marvel is currently revealing the full cast for Avengers: Doomsday, and I think it's going to be a long-winded announcement
Samsung QN90F on yellow background
Samsung announces US prices for its 2025 mini-LED TV lineup, and it’s good and bad news
Nintendo Switch Lite
Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
More about software
Chat GPT-generated images along with source material

ChatGPT 4o image generation is so good we will never be able to trust iPhone renders (and photos) again
Apple WWDC 2025 announced

3 things Apple needs to do at WWDC 2025 to save Apple Intelligence, and why I'm convinced it will
Discord Clyde

Discord's game overlay has seen a complete revamp - I've tried it, and it's one of the best updates ever
See more latest
Most Popular
Discord Clyde
Discord's game overlay has seen a complete revamp - I've tried it, and it's one of the best updates ever
Swiss flag with view of Geneva city, Switzerland
Secure encryption and online anonymity are now at risk in Switzerland – here's what you need to know
Data leak
Top home hardware firm data leak could see millions of customers affected
An image of Pro-Ject's Flatten it closed and opened
Pro-Ject’s new vinyl flattener will fix any warped LPs you inadvertently buy on Record Store Day
Canon EOS R50 V on a wooden table, alongside the EOS R50
I tried Canon's two new vlogging cameras – here's why the EOS R50 V offers better video value
Canon RF 20mm F1.4L VCM lens on a wooden table, alongside three other Canon hybrid prime lenses
Canon’s new 20mm f/1.4 lens could be the ultimate wide-angle prime for astro photography and video work, but its pricey
EA Sports F1 25 promotional image featuring drivers Oscar Piastri, Carlos Sainz and Oliver Bearman.
F1 25 has been officially announced, with this year's entry marking a return for Braking Point and a 'significant overhaul' for My Team mode
Garmin clippd integration
Garmin's golf watches just got a big software integration upgrade to help you improve your game
Samsung QN90F on yellow background
Samsung announces US prices for its 2025 mini-LED TV lineup, and it’s good and bad news
Microsoft Copiot Studio deep reasoning and agent flows
Microsoft reveals OpenAI-powered Copilot AI agents to bosot your work research and data analysis