News

These articles cover the latest news on both the Linux and Windows operating systems.

Why and How to Do Your Taxes with Open Tax Solver

I have previously explained how to use a free open source accounting program called GnuCash at this link: https://futuretechbizclub.org/course-2-organize-your-business/section-2-business-accounting/lesson-2-3-how-to-keep-track-of-business-funds

In this article, I will review an open source tax preparation program called Open Tax Solver (OTS). OTS is a free, secure and easy-to-use program for calculating and submitting your US Federal taxes (it also does some state taxes). OTS includes updated versions for US 1040, Schedules A, B, C, D, and for several states. OTS provides a simple graphical interface for quickly filing out your tax forms.

01

Why You Should Consider Doing Your Taxes with OTS
Perhaps the biggest advantage of OTS is that it is the best way to protect the security of your data. You should be aware that, due to open back doors present on all Windows computers, it is simply not safe to store your data including bank accounts and passwords on a Windows computer. Because of this problem, many people have switched to the free and more secure Linux platform. Unlike many commercial programs, OTS is available in a version for use on Linux computers. (note: OTS is also available for Windows and Mac computers just in case you have not yet made the change to Linux).

Equally important for the security of your data, OTS is an open source program. This means the code has been inspected to reduce the chances of vulnerabilities that can be exploited by hackers.

In addition, none of your data is stored on any server or by any commercial operation. It is all stored only on your own personal computer and under your complete control. None of it is ever entered into any web based data system. Thus, it is the perfect alternative to insecure web based programs – including the IRS e filing program.

By contrast, when using web based programs, you have no idea who is getting your data, how they are storing it and whether or not it will eventually wind up in the hands of hackers. Every year, millions of people have their data stolen by hackers. The only way to reduce this problem is to not put your personal and business data on the Internet in the first place.

Another benefit of OTS is that it is free for personal and commercial use. If you have a small business that generates some of your income and you need to fill out Schedule C or Schedule C-EZ, you can do this with OTS without paying any fees.

By contrast, virtually all commercial tax programs that offer a free option, require you to pay for filing even a small amount of business income. Commercial tax prep programs have many other situations where you will need to pay a fee even if you have no business income. This includes things like charging if you have dependents, charging to file schedules 1, 2, 3, charging if you make over a certain amount, charging you for the child tax credit, the earned income credit, the elderly or disabled credit, charging you if you have alimony income or expense, student loan interest, retirement contributions, dependent care expenses, lifetime learning credit, landlord expenses, freelance expenses, charging if you have a small farm (the list is endless).

False Accusations Against Linux Security Continue

For the past two years, ever since the release of dozens of NSA created Windows hacking tools in 2017, there have been an ever increasing wave of ransomware attacks against Windows computers. During this time, I have written several articles explaining in detail how hackers use hidden back doors in the Windows operating system to take over and lock up Windows computers. I ended each of these articles by urging folks to protect their data by replacing the poorly designed Windows operating system with the free and much more secure Linux operating system as this is really the only way to protect your computer, your data and your business from a ransomware attack.

It is surprising that despite these ever increasing Windows Ransomware attacks, the value of Microsoft stock has continued to increase to the point where Microsoft is now a trillion dollar corporation. I understand that Microsoft spends billions of dollars on marketing and promoting itself. But one would think that eventually the truth would come out that Windows is not a secure operating system. However, instead of exposing the truth about Windows Security Flaws, the corporate media is engaged in a relentless campaign of making a series of false accusations against Linux claiming that Linux also suffers from security problems. Just a week ago, I published an article debunking the false claim that Lilu Ransomware had hacked thousands of Linux Servers. Here is a link to this article: https://learnlinuxandlibreoffice.org/news/did-lilu-ransomware-really-infect-linux-servers

In this article, we will review two additional and equally false claims made against Linux – namely that Linux can be hacked by Skidmap Malware and/or by Evil Gnome malware. Both of these claims are made with no evidence to back them up. Yet both claims, like the Lilu Malware claim were published on thousands of news websites as if they were God Given Facts.

When we read articles on the Internet, we need to become more aware that we are literally being bombarded by a nuclear firestorm of lies. These lies are designed to brainwash and manipulate us into supporting multinational corporations that are not at all interested in protecting us. Instead, the writers of these false articles are hired to protect corporations like Microsoft and maximize their quarterly profits by producing a wave of propaganda. We this in mind, let’s first look at the Skidmap Malware claim.

Did Lilu Ransomware Really Infect Linux Servers

I have written several reports explaining how ransomware attacks Windows servers and urging users interested in security to switch to Linux in order to avoid future ransomware attacks. See for example this link: https://learnlinuxandlibreoffice.org/news/hidden-dangers-of-ryuk-ransomware

I was therefore surprised and extremely skeptical of articles claiming that that a ransomware called Lilu had infected thousands of Linux servers. The first of these articles appeared at 3:30 am on September 6 2019 and described ransomware attacks dating back to July 2019. Here is a link to this article: https://www.zdnet.com/article/thousands-of-servers-infected-with-new-lilocked-lilu-ransomware/

The evidence provided to back up their claim was this image showing some files locked by Lilu Ransomware:

01

Note that the domain name of this folder has been hidden from view making it impossible for us to verify if these files were actually on a Linux server. The article goes on to note that “Lilocked doesn't encrypt system files, but only a small subset of file extensions, such as HTML, JS, CSS, PHP, INI, and various image file formats. This means infected servers continue to run normally.”

This limitation raises the obvious question of whether the core of the Linux server itself has been compromised or whether merely applications connected to the core have been hacked.

Hidden Dangers of Ryuk Ransomware

Ransomware is a type of malware whereby a victim is tricked into downloading a malicious program on their Windows computer which encrypts most of their files - and then demands a ransom payment in order to get the key to unlock and restore the files. In the past two years, more than one million Windows computers were subjected to ransomware attacks, costing their victims more than ten billion dollars. These attacks have been mainly from the WannaCry and NotPetya ransomware. However, in the past year, ransomware has evolved into a new and much more powerful strain, called Ryuk. Ryuk not only encrypts or scrambles all of your important files, it silently spreads to all of the computers in your network and can spend up to a year stealing all of your passwords and infecting all of your backup files before locking up all of the computers in your network. Ryuk carefully chooses its victims based on their ability to pay. Ryuk prefers cities, colleges and school districts. Ryuk charged a city in Florida $600,000 to get their computers back. More recently a college in New York was asked to pay a ransom of $1.4 million to get their computers back. Local government agencies, schools and colleges have been forced to spend millions of additional dollars trying to rebuild their computer networks after being attacked by Ryuk. Worse of all, the advice being given to Ryuk victims thus far by so-called “computer security experts” has been completely wrong.

In this report, we will expose the hidden dangers of Ryuk ransomware. We begin by briefly reviewing the connection between these new forms of ransomware and NSA cyber weapons. We then outline the history of Ryuk and its companion cyber weapons called Emotet, Trickbot and Xbot which work together in a carefully planned attack. Then we discuss the new dangers of Mega Cortex and explain how to truly recover from and protect yourself from future attacks. Finally, we explain how schools and colleges that are victims of these ransomware attacks can fight back and help us move towards a world that eliminates these cyber weapons altogether. If you know someone who works for a school, college or local government that uses a Windows computer network, please share this important article with them.

The Fight for a Secure Linux BIOS

One reason many people are moving from Windows to Linux is security. People are tired of getting their Windows computers hacked every time they go online. The problem is that the Windows operating system has a Call Home function that is basically an open back door for hackers. But what is the point of having a secure Linux operating system on your computer if it has another program – the BIOS - that still has a Call Home function? In this article, we will explain why BIOS is important and describe the past, present and future of our fight for a secure Linux BIOS.

Note: This article is an update of my previous 2013 book Free Yourself from Microsoft and the NSA which explains the history of the relationship between Microsoft and the NSA and includes the early history of the UEFI BIOS. You can download for free at the following link: https://freeyourselffrommicrosoftandthensa.org/

This report is divided into the following ten sections:

1. Introduction… What is real computer security?

2. Who Am I and Why I am Concerned

3. Past BIOS Options

4. Design Flaws of UEFI

5. Legacy BIOS 2006 to 2012

6. Present UEFI BIOS Monopoly

7. History of UEFI Advanced Persistent Threats

8. Linux BIOS Options

9. Recent Intel Myths

10. Conclusion… How do we get a secure Linux BIOS?

You can also view a video presentation of this article at the following link:

https://www.youtube.com/playlist?list=PLjDc7gDlIASS-sQu73PlQhvGBKMNlOEZN

 

1. Introduction… What is real computer security?
This is what many (and perhaps most) people think that this is all they need to do to have a secure computer:

01

In this article, we will go beyond the bandaid approach and look at what real security requires.

What is BIOS?
BIOS or Basic Input Output System is the program that starts your computer before handing it over to your operating system.

02

NSA Pre-Test… How much do you know about the power of the Dark Side?
Q1: Do you think that the NSA can hack the Windows operating system?
Q2: Do you think the NSA can hack applications like Microsoft Office?
Q3: Do you think the NSA can hack the Intel Management Engine?
Q4: Do you think the NSA places hidden partitions on your hard drive?
Q5: Do you think the NSA has hidden “call home” back doors in the UEFI BIOS?

What is UEFI BIOS?
For more than 20 years, BIOS consisted of a small program that was independent of the operating system. Then, in May 2006, Bill Gates gave a speech announcing a “better” replacement for BIOS called the Unified Extensible Firmware Interface (aka UEFI) – a secret closed source program that was 10 times bigger than the prior BIOS.

UEFI is now a near monopoly BIOS found on all Windows and Apple computers and nearly all Linux computers. Thankfully, in 2007, Google began supporting Coreboot - a free open source alternative to UEFI. Coreboot eventually became the BIOS program for all Chromebooks. Recently, a Linux computer maker called Purism also started using Coreboot BIOS on their computers.

03

Is UEFI BIOS Secure?
We know from the Snowden and Vault 7 documents that the NSA has several back doors into the Windows Operating System since at least 1998. We also know that NSA the has a backdoor into the Intel Management Engine (ME) since 2007 – thanks to an August 2017 Report from PT Security. In this article, we will look at evidence that the NSA has placed back doors in the UEFI BIOS firmware program since 2007.

Why is a Secure BIOS Important?
If a hacker takes over your BIOS, they can control your operating system, applications and all of your documents stored on your computer hard drive.

04

   

2. Who Am I and Why I am Concerned

I have written many articles over the last 8 years explaining why the open back door in UEFI was a security risk. I have repeatedly urged Linux users to seek out computers that use Coreboot or some other open source BIOS program. https://learnlinuxandlibreoffice.org/1-why-switch-to-linux/1-4-uefi-the-microsoft-kill-switch

 

Why Redhat is Worth at Least 34 Billion Dollars

In what may be the largest software company purchase in history, IBM has purchased Redhat for $34 billion. Redhat is the world’s biggest and most technically advanced Linux Server Management company. This transaction comes on the heels of two other major purchases of Linux-based companies. In June, Microsoft purchased Github, the largest Linux project center in the world, for $7.5 billion. In July, SUSE, a Linux Server Management company, was sold to an investment firm for a mere $2.5 billion. The total for 3 companies most people have never heard of is $44 billion. Now some folks are saying that IBM paid too much and Redhat is not worth $34 billion. These are people who do not know how important Redhat is to the functioning of the Internet and in fact to the functioning of the world’s economy. The purpose of this article is to explain why Redhat is already worth much more than $34 billion – and now that Redhat has access to the huge IBM sales force and customer base, Redhat will soon be going on a massive growth spurt.

01

First, let’s start with a bit of history. I vividly recalled a morning in March 1986 when I purchased Microsoft stock the first day it was available to the public. I taught at Bellevue College just a couple of miles from Microsoft. I had students from Microsoft. I knew Microsoft would be big. Microsoft is now netting $40 billion per year on sales of more than $100 billion per year and has an estimated worth of about one trillion dollars. In 1986, Microsoft was a leader in the “new technology” of personal computers.

Today, Redhat is a leader in the “new technology” of cloud computing. Cloud computing is made possible by about 100 million servers connecting several billion people around the world. Nearly all of these servers are now running Linux.

This includes one million Microsoft Azure servers – nearly all of which were secretly switched to Linux in the summer of 2017. Redhat is the company that maintains and protects more of these servers than anyone else in the world. As one analyst put it, "Everything always runs on any cloud with Red Hat.” It is almost certain that Redhat all by itself keeps more than one billion people connected. So IBM purchased Redhat for less than $34 per person.

Up until the IBM purchase, most analysts predicted just three dominate cloud companies – Amazon, Google and Microsoft. However, with this purchase of Redhat, IBM has suddenly moved up from the bottom of the pack to the top.

How will IBM move past the big three in the Cloud business? Just look at this from the IBM press release: “For IBM, the acquisition is about growing IBM's business in the cloud—private, public, and hybrid—based on the position of the company as the open source and open standards player versus the "proprietary" models of Microsoft, Amazon, and other major cloud players.”

Clearly the IBM plan is to call their cloud an “open source” cloud. Buying Redhat, the leader of the Open Source Cloud movement – makes this more than a marketing slogan – it will be the truth. IBM suddenly becomes one of the good guys instead of one of the bad guys.

For Red Hat, the deal is about scaling up the company's reach. "We can scale at greater speed.... We can only reach a certain number of customers right now." Put another way, IBM already has a huge sales force and accounts with almost every business in the world. Redhat now has access to this huge sales force and account structure. This move is going to be huge for Redhat.

02

Let’s assume for the sake of argument that Facebook, Amazon, Google and Microsoft are all worth about one trillion dollars each. They are all now using Linux on there servers as their primary operating system. That is four trillion in market value running Linux in just four companies. Amazon Cloud and MS Azure Cloud both had revenue of 27 billion in the past year. Some have estimated that eventually, the cloud market will be worth more than one trillion dollars per year. So the cloud market is there. The day is coming when Redhat will also be worth one trillion dollars. Folks will look back on IBM buying them for a mere $34 billion as the steal of the century.

2018 October Update Exposes Fatal Flaw of the Windows Operating System

Introduction… Why the Windows 2018 October Update will be the End of the Line for Inexpensive Windows Laptops
For more than 8 years, I have been writing articles warning consumers about the fatal flaws of the Windows operating system. The October 2018 Update is no exception. There are at least a dozen major problems with the Windows 10 2018 October Update. For example, it can disable the Edge browser (I would call this a feature but whatever). Also, you cannot install the update if you are using a Virtual Private Network (VPN). Of course, if you are using Windows in the first place, there is no point to using a VPN because there is no privacy with Windows. Then there is the File Deletion problem where the update deletes all your documents, images and videos on some computers. On October 9, 2018, Microsoft announced that they fixed this problem. But in fact, they may have made the real problem even worse.

In this article, I will explain why this file deletion problem is not a temporary problem - but instead is the final nail in the coffin of a defective operating system – the result of years of poor decisions by Microsoft upper management– decisions that have boxed Microsoft programmers into a corner and will eventually lead to the death of the Windows operating system and an end to the Microsoft monopoly.

We will begin by explaining to users of less expensive laptops with 32 GB eMMC drives why this update will render their laptops unusable. Second, we will then review some of the design problems with the Windows Update System. Third, we will explain why Microsoft failed to address this file deletion problem even though they were warned about it more than three months ago. We will then go deeper into why the file deletion code was put in the update to begin with - and why I was able to predict more than 10 years ago that the Windows operating system would eventually grow into the 30 Gigabyte monster it is today. Finally, we will look at why this 30 Gigabyte monster will kill millions of computers – a problem Microsoft will not be able to solve with any update.

If you have a 32 GB eMMC laptop, you need to backup all of your documents onto a USB stick and then replace Windows with Linux Mint as soon as possible. Linux Mint is one third of the size and three times faster than the Windows operating system . Please share this important article with anyone you know who is still using the Windows operating system. This is your final warning.

I. Some Simple Math… Why Windows Will Not Work on a 32GB eMMC drive
I have long urged readers to avoid buying any laptop with a 32 GB eMMC drive. Not only is the drive way too small – but it is soldered into the laptop and cannot be replaced or upgraded. It is like buying a car that will not go over 45 miles an hour and has a ticking time bomb in the engine. No one would buy a car where the tires were permanently attached to the car. Yet because many people know nothing about computers, millions of people have bought Windows laptops with 32 GB eMMC drives in the past two years. Here is the math of why such laptops are simply defective and certain to stop working over time:

First, a 32 GB eMMC drive is actually only a 29 GB drive. This is because eMMC drives like nearly all other drives have about 10 percent less actual storage capacity than their advertised capacity. So a 32 GB eMMC drive actually only has 29 GB of usable capacity. Remember this number 29 GB as it is a crucial limit we will get back to in a moment.

Second, the Windows 10 operating system is huge (also known as bloated). It is more than 20 GB even before adding the essential updates. This is many times bigger than the free Linux operating system used on Chromebooks. Note that while Microsoft claims the Windows 10 operating system is only 10 GB, there are hundreds of complaints on Amazon from users noting that the Windows 10 operating system, with the April 2018 update took up their entire eMMC drive – even on a new computer with no documents or other programs installed. My own analysis is that the Windows 10 operating system takes up at least 20 GB on the hard drive which is why it creates such problems for 32 GB drives. Here is a Microsoft image stating that 20 GB is required for a 2017 Windows update:

01

 

Here is one of the hundreds of adverse comments on Amazon complaining that the 32 GB eMMC drives on their new laptops are not big enough and that the Windows operating system is taking up their entire drive. (I have put 50 more of these comments at the end of this article):

“This Acer uses a multimedia card in place of a drive. Now, the problem with this is that 28g of space is necessary for the operating system. There is only 4g left for anything else. It is not only slow, but hasn't enough storage space to update even the operating system. It is not able to update anything for lack of space to do the work. I can't imagine what this machine could possibly be good for.”

Third, the hard drive is also where one normally installs applications and programs such as MS Office which are also updated each month. MS Office alone is 3 GB. Add in common programs like the Chrome or Firefox web browser and an Anti-Virus program and suddenly you have 2 more GB. So let’s add this all up. 20 + 3 + 2 = 25 GB. This leaves only 4 GB for your documents, images and videos.

Fourth, the Windows operating system gets even bigger each and every month due to monthly updates. Twice a year, Microsoft issues even bigger updates. The April 2018 update was 4 GB. In order to make room for this huge update, Microsoft and laptop makers urged owners of 32 GB eMMC laptops to move all of their documents off of the normal hard drive, called the C Drive in Windows, onto some other drive, such as a MicroSD card or USB stick, naming these new drives some other letter such as the D drive. So back in April, 2018, you moved your documents off the hard drive and installed the 4 GB Update. Thus, as of September 2018, your 32 GB Windows laptop was already at its maximum capacity of 29 GB. Here is a link to an article from May 2018 describing all of the problems with just doing the April 2018 Update on a 32 GB eMMC laptop. https://www.reddit.com/r/Windows10/comments/8mky5y/dont_buy_a_windows_10_pc_with_32gb_of_storage/

Fifth, the October Update is another 5 GB which will crash millions of 32 GB eMMC laptops. Now for the problem. The October 2018 Update adds another 5 GB onto your laptop that is already maxed out at 29 GB!!! Now can you see why I have urged people to avoid buying a Windows laptop with only a 32 GB eMMC drive? A 32 GB drive is simply not big enough for the Windows operating system. Over time, Windows Updates are certain to exceed the capacity of the drive. Any Windows laptop with a 32 GB eMMC is simply a defective laptop.

Sixth, the proposed cures for this problem are worse than the disease. Microsoft and laptop makers such as Acer and Dell have proposed all kinds of solutions for this problem. First, they want you to buy another drive and put your programs and documents on some other drive. These other drives, especially MicroSD drives, are also often low quality and known to fail and know to be very slow. So it is out of the frying pan and into the fire.

Seventh, the so-called “fixes” for the Windows Operating System have serious negative consequences. Ever wonder what caused the October Update File Deletion problem in the first place? One of the new features of the Windows 10 October Update is the new automatic cleanup program called Windows Storage Sense – a program that makes no sense at all. This new tool will determine without any help from you when to delete files from your computer whenever the operating system needs more space: "It's important to note that we design Storage Sense to be a silent assistant that works on your behalf without the need to configure it… Storage sense runs automatically when you are low on disk space." https://blogs.technet.microsoft.com/filecab/2018/08/30/9205/

Gee, I wonder who might be running low on disk space? How about those 32 GB eMMC laptops! So don’t worry. Windows Storage Sense will only delete your Downloads folder and all of your documents if it is really needed – and it will not only be to make room for the October Update – but for every other update for every month from here until you have finally decided you have had enough of the bloated Windows operating system and finally switch to Linux – or buy a better laptop with 64 GB of storage.

Why the File Deletion Problem is Not Really Fixed
On Friday, October 5, 2018 Microsoft announced they were temporarily pausing the October 2018 Update for their Windows operating system while they attempted to determine why this update was deleting all the personal files (document, images and videos) some users had on their Windows computers. Here is an image of this very short announcement:

02

The last sentence of the announcement mis-leads customers into assuming this problem is just a temporary glitch and once solved, Microsoft will “resume rolling out the Windows October 2018 Update.” Three days later on Tuesday October 9, 2018, Microsoft announced that they had found the problem and solved it. Here is their explanation of the problem and the cure:

The problem only affected those who had ran out of space in their normal C drive and moved their documents to a different drive. But depending on how this was done, some duplicate folders were still left on the C Drive. Windows was trying to get rid of duplicate and empty folders. But some folders were not duplicates and were not empty – but were deleted any way. Supposedly, the October Update has been improved so it does not delete so many files.

But this new solution still does not address the underlying problem – that there is not enough room for the Windows operating system on 32 GB eMMC drives. In fact, leaving more files simply makes the available space even less.