Mobile device security

Mobile device apps. Who can we trust?

A few tips on keeping your smartphone and its apps inside of your control.

  1. Check and research the app developer.
  2. Have a look at the Ratings and reviews.
  3. Check the app permissions. Be specific and check location access. (Assuming you don’t want your location broadcasted)
  4. Be especially concerned with keyboard and emoji apps that require special permissions.
  5. Use caution when using your Social Media credentials to sign in.
  6. Keep apps up to date.
  7. Use biometrics to lock and unlock your phone and apps.
  8. Don’t plug the phone into any public computer.
  9. Try to limit your time on any public network.

Australian Cyber Security Guide

Please read this guide for context.

I love the attempt here to outline a simple strategy for defending technology assets. I will take what the Australian Government has laid out here and build upon it as it is a good foundation. Sometimes, it seems a nearly impossible task, but with the right energy focused on the right target, you’ll have a better chance at success.

Another perspective on these building blocks could be the Australian Government showing us their thought processes and internal and external defense perimeter. In a sense, giving the dark forces an advantage by providing a blueprint for how their systems are defended and in reverse, compromised.

To be honest, if an organization hasn’t already laid out these essential building blocks for defense, they are behind the 8 ball.

Advanced security controls

Many people are looking for a place to put their data and keep it private. Or not private, in some cases. What can you do to ensure highest security standards are in place and your data is protected from bad actors?

Previously, I wrote a document covering some basic cyber security guidelines for the average computer user. Now, it is necessary that I attempt to cover the broad range of security measures available to IT professionals. I recommend using the highest security standards wherever possible.

Each scenario is different, but there is a baseline level of standards we need to define. I am not trying to re-invent the wheel here, just point you in the right direction. Therefore, I have a few resources that will help identify the target areas:

  1. NIST – Security and Privacy Controls for Federal Information Systems and Organizations (2015)
  2. FedRAMP Security Controls Baseline.xlsx (2018)

Please also feel free to read any other cyber security publication from your field, as it may be helpful in your specific environment.

Web browser

Browser wars are boring. Try them all and test them all. Find one you like the best and use it.

Browsers can be a nice swiss army knife of the web if you wish. Find one with plugins that are useful to you.

I would like to point out a recent favorite of mine, Vivaldi, does have some fine compatibility on Mac OS X as well as a great set of plugins and options. If you want to check it out: Vivaldi. It also has an interesting history.

Custom Arch Install

Specifications

Hardware: Lenovo N23, Celeron(R) CPU N3060 @ 1.60GHz, 4GB DDR3L, 32GB eMMC, Touchscreen, 802.11 AC (2×2) WiFi + Bluetooth 4.0

Linux Kernel: 4.15.9-1-ARCH

Filesystem: XFS, EFI, Swap

Display Server: X11

Display Manager: LXDM

Desktop Environment: LXDE

Theme: Adapta-GTK

Browser: Firefox

Package list: 
xorg, lxde, bluez, bluez-utils, pulseaudio-alsa, pulseaudio-bluetooth, networkmanager, network-manager-applet, ttf-droid, ttf-roboto, chromium, firefox, hexchat, p7zip, htop, xterm, guvcview, rclone, rsync, cups, hplip, python-pyqt5, base-devel, adapta-gtk-theme, wireshark-gtk, nmap

AUR Packages:
visual-studio-code-bin

Netbook Project

I jumped all-in on the Google Cloud.

The idea was to purchase a Chromebook. They were a little too expensive. I went with a N23 from Lenovo. I love the design of the notebook. It’s small screen, tight case and touchscreen are awesome. It doesn’t win awards for storage space or processor/memory, but it sure does suit my needs.

I thought about installing Chromium OS on it, but I really just skipped right to Linux. Choosing the distro wasn’t hard, but I did give my old friend, Fedora, a try before deciding on Arch.

It turns out the more I learn, the more I love about Arch Linux. It’s allowed me to completely customize the software on the N23. It’s not bloated like recent Fedora Workstation releases were. Believe me, I tried to run my old favorite distro. It was way to system resource intensive and the screen rotation was generic, and the list goes on. For the N23 I needed a lightweight distribution. With Arch, it can be whatever you want. It’s up to you how bloated you want it to be. Arch was easy to install using the documentation (which is excellent). It works very well for what I will use this netbook for. It allows the user to totally build what they need from the ground up. It’s genius.

Currently, I’m using the KDE Plasma Desktop Environment and Chrome. This is a pretty good combination on this device.

So far, the experience with Arch Linux and its community has been very good. I’m looking forward to being part of it.

Obviously, I highly recommend Arch. Please take a look at their website and learn about its awesomeness.

Update: 031418

I really want to get the most out of the hardware on the N23 so, I’m using LXDE which uses %60 less memory then Plasma. So far, I love LXDE simplicity and minimalist style. It leaves plenty of memory for other applications too.

Update: 031518

Using Arch and LXDE, my system config is as good as it gets. Fast, reliable, efficient. It’s not bloated. 
Only the packages I want and services I want are running. It’s magical. Arch has allowed me to fully taylor my OS and applications to suit my hardware and needs. I’m enjoying this for the moment and will let you know how it all turns out.

Linux Customizations

Linux is a free and open source kernel available to the world to use and modify free of charge. Since it’s introduction in 1991 by Linus Torvalds, Linux has been customized and built upon to meet the needs of a variety of complex environments. It runs many of the devices and servers we use every day. The customizations are numerous.

When you delve into the world of Linux, you’ll find many people with opinions on what application, Desktop Environment, Distrobution, etc. is best for this or that. You’ll also find that it’s difficult to keep your goals in sight because of the fog of so many opinions. Just remember that no one can know your environment better than you, and only you should determine what works best for your situation.

If you just don’t know…do the research. Don’t let other people make the determination for you.

There are many different Kernels, Distributions, Desktop Environments, Window Managers, Terminal Emulators, Text Editors, Database platforms, Web servers, Coding languages, etc. It’s all so much to handle at once, so you’ll really want to do research for yourself and find what will work for your needs.

What works for me:

I’ve been working with Linux servers for nearly 20 years. With that said, I’ve been using Fedora as a desktop OS since 2003 and before that, Mandrake. I’ve been accustomed to the Gnome desktop environment ever since. A few weeks ago, after many years of being away from Linux desktop, I’ve taken the plunge once again and found more than a few useful tools. As a desktop system, Manjaro meets and exceeds my needs as an OS. The desktop environment Gnome is useful as well, especially on a tablet (MS Surface Pro 3). However, while doing research, I found that an old friend Xfce desktop environment has come a long way since the last time I used it. I won’t go into the reasons why it meets my needs, just know that it’s what I consider to be the top solution. So, with Manjaro as a OS and Xfce as a desktop environment I am able to customize my Linux box further by installing pre-packaged software with a few simple keystrokes. Manjaro uses the same package manager as Arch Linux (pacman) which makes installing and removing packages a snap. Testing has never been easier. When it comes to toolkits, mine includes the following:

  • nmap
  • Wireshark
  • bind-tools
  • Visual Studio Code
  • Firefox
  • ownCloud
  • GIMP

After all my research and testing, the OS and software described above is what works for me personally. I don’t expect you to use my exact configuration and I won’t judge you by your configuration. There are people in the Linux world that get in their sandbox about which software is better than Xyz, etc.. but I’m a realist. What works for others may not work for you. Do your research and come up with an awesome, unique solution that meets and exceeds your needs either as a business or an individual.

New stack: BCHS

BSD, C, Httpd (Apache), SQLite

So, a few days ago I was introduced to a new (to me) development stack called BCHS (Beaches).

After checking out some documentation on the stack I found it to be interesting and may be a challenge if I ever get around to creating one. Which I probably won’t because there are more efficient options when it comes to devlopment languages, web servers and databases. (ie FEMP)

I do find the parts of the documentation where they mention it’s not for hipsters hilarious. Hipsters dislike memory management. Comical. Just as comical as some would argue using a BCHS stack for real work.

In all seriousness I was first introduced to programming from learning the Apple LOGO commands at age 12. Then from there it was BASIC then HTML then Visual Basic 6 then C then C++ then Java then PHP (and various other scripting platforms)

When I look back at it, I really liked C and C++. I even took the time to write a couple simple programs using them. Mostly C though. C is great, but I think php offers a more rapid development model and a shallow learning curve. C would be used for video/image processing perhaps more intensive instructions. Not to mention it is more scalable than just php alone. I might actually consider it if I had more time on my hands to rewrite my FEMP stack into a FHMC stack (Nginx doesn’t support CGI). We’ll see what I come up with…

What I’ve been working on

In late August of 2016 I was offered a new position with another company and my life has been exponentially better. My wife and I also had our first child, Liam. He’s the only thing I care about anymore. If you are a parent, you know what I mean.

I have been exposed to some new technologies and therefore I am trying to learn as much as I can about their power. So far, I’ve been able to build, from the ground up, FreeNAS, Pfsense, Araknis, and Meraki solutions.

My favorite stack is FEMP (FreeBSD, NGINX, MySQL, PHP). Rock solid 🙂

In other news…my Surface Pro 3 is now running Manjaro Linux (my new favorite distro based on Arch Linux). So far so good. I originally had Fedora 26, but there were some Wifi bugs.

So, that’s pretty much it. I’ll just pick up where I left off on this site and keep on keeping on. Thanks.