___                 _             _
   /   \/\/\   __ _  __| | /\  /\__ _| |_ _ __
  / /\ /    \ / _` |/ _` |/ /_/ / _` | __| '__|
 / /_// /\/\ \ (_| | (_| / __  / (_| | |_| |
/___,'\/    \/\__,_|\__,_\/ /_/ \__,_|\__|_|

On SDF

#Cyber "Pandemic", ramifications and what will survive

07-21-2024

On Saturday, we had a group of friends over for a BBQ dinner - despite being the 
guest of honor, I was stuck cooking.  This past week was interesting because
I worked (had worked in one) in two fields that had expertise in both IT
and kinetic (physical) security.  In the kinetic field, I worked both in the
military and in personal protection services (PPS). For the PPS training, I was
fortunate enough to go do a course with John C. Desmedt, a retired USSS SAC who
handled training for the Secret Service during the 80's and 90's.  John was 
still spry and very fit - a life long martial artist, when I attended his course 
years ago, so I learned alot from this very famous instructor.

So, as the situation in Penn state unfolded, my family and friends reached out
for opinions.  Other than the official story didn't really make sense, I had 
nothing additional to offer that could not be found on Youtube.

My only public observation on this event is just exactly what I shared, it does
not make sense based on my own work experience.  I'll leave it up to the reader
to do their own research.  This is a hot topic that I do not desire to discuss
on SDF.

##Bigger Issues 

More so of interest to me was the field that I the most experience in, IT. I do
love kinetic security, however I'm getting up there despite my fitness level
and to be honest, unless you get a contract in a war zone, kinetic security does
not pay as well.  

While local politics do affect a good portion of the US, cyber events impact the 
entire world.

Thursday into Friday proved this much to be true.
  
Crowd Strike ended up pushing a .sys file that BSOD'd agents on remote computers
and on dedicated sensors.  As best as I heard in a stakeholder meeting with 
their own CTO, it was a relatively easy fix and that they 'apologized'.  Still
their screw up affected alot of people.  Also, during this time, 'actors' were
exploiting the moment to get command and control componets onto systems.  This
aspect was not as publically discussed.

Fortunately, my organizational did not use Crowd Strike, but any flight plans I
had, were to be cancelled - so we ended up having a BBQ this weekend.

For everyone else that had to deal with this mess, my condolances - I know it 
has been tough.

##Just one file

One file brought down the internet - well atleast portions of it.  When my wife
found that the news was saturated with information about the attack and wanted
to know why we were still online.  Firstly, we do not use Crowd Strike at home,
and second, despite an airgapped security system that I've yet to port over to
ZoneMinder, nothing we use at home has Windows. Nothing.

I've never trusted Microsoft, I was working in the field with the '_NSAKEY' was 
discovered in Windows NT.  Despite ALOT of speculation, someone did do the time
to reverse engineer the keys being called and there may have been more to the 
story than we'll ever know.  Still, Microsoft denied it.

So, I assured my wife, we only use BSD, LINUX and Macs at home - the 'mobile'
devices are all on custom security roms - for the most part, we control our own
security.  With my recent 'adventures into Plan9', I've toyed with deploying
9Front meshed devices onto our home network to start handling security sensors
on the property.  This is an aspect of computing that Plan9 handles well.

##What about Windows

To be fair, my wife already told me the guests were going to ask me about the 
Crowd Strike situation.  Halfway through the evening, they did do exactly that -
so I explored the situation with them.  I answered their questions first by 
asking a question 'Do you use Windows?'.  To my surprise, most did and I was
equally surprised when they asked if I did.  As stated above, despit one laptop
I do not own (my work computer), only one of my systems had Windows - and it 
does not talk to the internet.  However, everyone there, outside of my wife,
used Windows or an Android phone (google).

The topic of Cyber Polygon, the coming 'cyber pandemic' and all the threats
coming out of the WEF came up as well.  Yeah, it's a thing, so we discussed it.
My concern with European crats is that when they talk about stuff, it usually
happens.  I'm not saying it's a conspiracy, but it does seem rather odd that
they have a nearly biblical record for predicting the future.  If such things
are true, then Windows would not be the operating system I would want to be 
using in a 'cyber pandemic', neither would I want to be on an Google Android
phone.  I like Android purely because it was based on LINUX, but it's not
really LINUX as we know it - so using that as a phone's OS is not my idea of
security.  Even of late, I've been toying with the idea to get a purely LINUX
phone - and I really have come to believe that even GrapheneOS doesn't count.

LINUX has it's own problems and in my opinion, it's not going to be the 'safe
haven' people expect during a 'cyber pandemic'.  There are too many CVE's out 
there for LINUX, with Red Hat being the worse offender.  In the past we could
have relied on LINUX to be a good back up OS, those days have passed.  Still
it is far better than Windows.  As darth vader like Eurocrats are threatening
that we will not be able to even use our computers and phones, it would prudent
to believe them - just saying.

##E tu, BSD?

So, in the minors, far in the backfield, we have BSD. A few years ago, it would
have been difficult to suggest BSD as a possible daily driver for anyone that
did not work in our field.  I say 'our field' because if you are reading this
article, you got here by either a gemini / gopher client or via a shell with
those compatiblities.  Also, I would wager you also have a firm grasp of BSD.
Some of you may also being using Plan 9 or 9Front.  You either run that OS,
a Mac or even BeOS.  Your phone is most likely an iOS or some hacked up version
of Android.  Regardless, you aren't in the baseline of society.  You are 
different. Just understand, we do not see the world the same as the muggles.

So is there an 'ark' for the masses.  I doubt it.  If there was an 'ark' we 
could suggest, only FreeBSD or it's friendly fork, GhostBSD, would fit the bill.
There really aren't alot better choices.  Still, there some hope in such
operating systems like Haiku.  Haiku has really come of age in recent years.
From what I've seen, the OS is somewhat friendly and intuitive.  I've not 
messed with it, I guess I should.

Still for those that want some type of solution to keep up and running during
'zee-Scyber Panzdemic', these OS'es offer some hope to provide continuity.
The reason I say this is because in the game of 'economy of scale', it's not
worth any threat actor's time to focus on these systems.  Windows would be
the main focus - period.  Linux and Android a close second.  Compare the code
base of Debian now to what it used to be.  2 Billion lines of code on a base
install.  Now, look at 9Front - it works - if you take the time to understand
what it can and can't do; and it does all that with only 100,000 lines of code.
Security issues can be located easier in 100k lines of code, comparted to 2 Bil
llion lines.  No one knows how large Windows is, but it's going to be far north
of Debian.  And I do not know enough to speculate on MacOS/iOS.
 
###Where to now
 
At home, we've been looking at Pfsense and DD-WRT to handle our routing and 
firewall needs, again, with Pfsense, we are talking BSD.  
 
This brings me back to my guests, will they heed my suggestions. More 
importantly, will they take the time?  There are solutions out there now ...  
 
So what happens when it 'occurs'.  Being in fear is not a good time to 'learn' 
something new. Ff  kinetic security taught me anything, it's that people 
default to what they  actually know, not what they want to know.  There is no 
'movie epic' rise to  the occassion where someone sudden says 'I know Kung-Fu' 
(as if getting an instant download like Neo in the Matrix).   
   
If I could add anything to this converstation, it would be now is the time to 
learn - the shot over the bow has occurred, if this is something that concerns
you, your friends or family, then now is the time to switch into these systems.

Sure if true, we are going to see a period of technoanacronism for while, with 
the smolweb being a good place to get information. 

Still, it's like an oasis in the desert, it's there, it's got water and it's 
'safe', but will the public know how to get there?