Saturday, November 07, 2015

Wǒ hěn hǎo, xièxie (I'm very well, thank you)


Some time ago I had a peek into The Other Side and didn't take it any further - maybe because I didn't have a purpose or reason to, but I couldn't see a reason to progress, so I didn't. It just came across as a hobbyists' environment with a community of snobs driving progress.

Wind the clocks forward another year or more and the landscape is vastly different. I've moved on to learning about network security and information management, and have trained myself to think like a black hat (a good defensive strategy). I'm working on some exams that will give me the foundation to absorb that within my work as an architect too, and because of the nature of this research I've been working on Linux.

There are some aspects of Windows (e.g. restrictions on packet injection / tampering) for which the Linux community seems to lambaste Microsoft. To me - as a noob at least - it looks like this is by design for commercial reasons. Whatever the reason, it just isn't feasible to do a lot of this research on Windows.

So I created VMs through Hyper-V and researched distributions and their capabilities, settling on Debian as my initial preference. It's used as a basis for a number of other flavours, including Kali, Raspbian and Ubuntu. KDE is nice and the apt system makes sense to me at this stage.

But then, of course, you start discovering limitations in the virtualised environments, leading to one conclusion: you need to deploy to hardware to gain direct interaction with that hardware (and mitigate problems with networking especially). I started beefing up my knowledge of networking stacks and how to analyse network traffic, creating sandbox WiFi networks on my test router and trying to see how to break them / break into them. I found that Kali was a great place to look at this as it contained all the tools and was designed to run OotB, so I stuck with that on a Pi B+ for a while.

After a while I was using Archimate to design the domains of our house network and started building a HIDS and IDPS, then a DNS server, then spent a bit of cash at ModMyPi getting all the bits I needed. I set up high-grade SSH keys and improved security - I may add a VPN server in the DMZ at some point too. I've got DD-WRT on the inner router and a custom network setup which provides additional protection for everyone in the house.

My ATX mid-tower was replaced and needed a new use. Stick a PiRack in there and all the cables.

I suddenly realised I'd become one of the hobbyists I'd turned my nose up at years ago. Now our house provides media services so the kids can fire up a film of their choice on any Surface or Xbox, iPhone or Windows Phone. We have network protection running in the background, emailing me when it detects or fixes a problem. The kids came up with the idea of an underwater camera so they can see the fish even when they hide (yet to be designed and built). None of this involves a Windows server.

Of course I've made significant progress in my learning and research - the next pot of which will be a short study on effective WiFi passwords vs. advice from the pub - but as a by-product I've gotten far more technical than I'd expected; you end up finding things to investigate that you'd never considered before and researching topics or techniques far from the original purpose.

For example, I've moved my trust away from BitLocker and am testing alternatives, using local accounts for BAU and my Microsoft accounts for connected services (such as OneDrive and Xbox). It's not about tin-foil hats, the X-Files or any part of government; it's just a simple case of protecting your assets against criminals or other similar attackers.

I went with Ubuntu because it is Debian-oriented and it seems to have the most support for the things that the Surface Pro needs. If Debian covered a lot of it I'd have just gone straight there. I don't like the whole Amazon / internet integration in Unity; the volume buttons don't work; the SP pen buttons don't work; sometimes the left-mouse / pen touch / finger touch just stops responding at random. There are too many suggestions out there on the forums that don't explain what each suggested command actually does (do people just copy and paste these suggestions without understanding the implications first?).

Today is the first time I've used Windows in a week - I love Windows 8.1, especially on the Surface Pro. It's beautifully designed, easy to use, switches seamlessly between keyboard-oriented and tablet use, and OneNote / OneDrive / Office are pure brilliance in design and productivity. LibreOffice and Evolution do Office well but the UX is far clunkier. There is no OneNote outside of Windows and I miss the right-click pen button (I only use a mouse on Ubuntu for apps that use context menus a lot). Office365 means I get proper PowerPoint instead of the terrible LibreOffice Impress. There's no Visio equivalent, though I'm learning to use Camunda Modeler and Archimate instead. I can operate on a client site without Windows now though.

For me Windows 10 is a disaster as it stands. They've ruined OneDrive (where is "Available Off-line Only" for files?), although they are promising to rectify the situation, and I think they've been led by too many Windows XP-ers in their UI-design-by-community instead of holding their ground and pushing 8.1 on to the next level. Continuum is awesome though - the new W10/Xbox dash is great (game streaming is by far the best add-on here), W10Phone looks superb and I hope they iron out the creases on W10. None of the privacy issues bothered me because you can turn off the telemetry services and disable the data sharing, but the OS itself just doesn't feel as coherent or as well thought out as 8.1 on my SP3 or Windows Phone 8.1 on my Lumia.

I'm now in a position where I've had to remove Windows 10 from my replacement Surface Pro 3 as the software licensing service locked the whole machine out (Access Denied), despite this being the default build as supplied by Microsoft. USB boot won't work even after changing the UEFI settings to enable it - I suspect something to do with the Win10 installation - but I've now copied the 8.1 Enterprise installer to a new partition on the SP3 SSD and hacked the GRUB 2 bootloader to give me the option to boot from it, and I'm going to get Windows dual booting on it for OneNote and firmware upgrades. Encrypted SD and data partitions allow sharing between OSes, and decent OpSec can ensure Windows only knows how to access one of those for transfer.

Phew. If you'd suggested any of that to me a year ago my eyes would have glazed over and I would probably have just sent the device back to the manufacturer.

But the thing is I'm still afraid to install Win8.1 in case it fudges up all the work done installing and configuring Ubuntu. I know Windows will install its own bootloader (I've modified the same on my desktop to add back the Ubuntu option, enabling dual boot again). I like Ubuntu, Raspbian and Debian - I also like the Windows ecosystem, and the journey is never over, but I'm reaching the point where I have enough foundation to build on for the security architecture courses. In order to design an architecture or provide solid options for businesses I still feel it's beneficial to understand the inner workings.

It's good to be bilingual between Windows and Linux and none of this has been as difficult as learning Mandarin (as I originally thought it might be). It just sounded more tricky to get started than it was.