 So, I have a friend who's not too far from me and he owns a house and he has a guest house as well and his parents stay, actually he stays in the guest house and his parents stay in the main house, but it's his house, he is an adult, but he was talking the other day they have two gates to get into their neighborhood, one is motorized and the other one is a gate that he closed most of the time and they have a little chain just wrapped around so it doesn't swing open, but his mom constantly goes out and wraps the chain around it three or four times. They don't lock it, it's not locked, it's just chain, but she wraps it around three or four times and he was complaining about she, her reason for doing it is to make it harder for people to break in, which one, it's a fence they can hop over, hang with bolt cutters can cut it, but but it's not even locked, but she thinks wrapping the chain around it three or four times makes it, makes it less likely for someone to break in, all she's doing is it making more difficult for them when they need to go in and out of that gate, they just have more chain to unwrap, not that it's that difficult. Another example is I have a co-worker who I've not seen do this, but I've been told has done this and I know the guy and it does sound like something he would do, goes out with some guys from work, they get out of his car and he goes around, makes sure it's all, he goes and checks every door, make sure that the door is on his car lock, but it's a convertible and the top is down and and what are you doing, he's like well just, just to be safe, just to be secure, anyone can reach over and click the lock button or even just hop in the car, that the top is down, but in his mind going around checking all the doors, and he's a little obsessive compulsive, going around and he checks each door to make sure they're locked supposedly, even though the top is down, it makes them feel better. Both those are examples of fake security, people talk about fake news, I'm talking about fake security, which I see all the time, this, most time when I see things done for security reasons, it's like well yeah you have that there, but then I just do this, this, this and it goes around it, you know, it's like a great example is when people went from Windows XP to Windows Vista, you started getting the almost everything you do, it's like you're trying to run a program, are you sure you want to run this program? Yes, or okay, or whatever the button is, an okay button is not security, okay? If there's really a concern about that application running, then there should be a requirement for the user to type in their password, right? Because the user should have a right to do it, either they do or they don't, and when you type in a password it's just making sure that the person seeing at the keyboard is actually that user. So the UAC, which is not Union AeroCorp, things what it is, you know, on Doom, those are the bad guys, but that's also UAC is what does that stand for? It's the control system on Windows that makes those little pop-ups pop up. Every application you run, are you sure you want to run this? Are you sure you want to open this program? And there's no requirements. So another example is I'm in the middle of doing my C programming tutorials, and I have videos coming up on cross-compiling. So I compiled some programs using, I think in the videos I said MingW, but I actually looked up today it's MinGW, I guess, is the way it's supposed to be pronounced, M-I-G-W, which stands for minimal GNU Windows compiler. Anyway, so I compiled just basic hello, hello world, just, you know, basic C, main function, print hello world return zero. Compile it and I bring it to a Windows machine where I try to download and every time it downloads the built-in Windows Defender or whatever kept deleting it and removing it, telling me that it's malicious software because it's not on their list of, you know, approved software. So basically their antivirus, which I've done videos before about how antivirus in general is a scam, it does not work, it does not make sense. Antivirus software scanning things for viruses does not make any sense, and I'm not going to go into that. Now, I've done videos on it before, if you have antivirus, I don't care if you're running Windows, Linux, macOS, Android device, iPhone, antivirus is a scam, just think about it. Anyway, it's not even scanning for viruses, it's just looking for white-listed applications, basically. And all it took was for me to click on the icon for the Windows Defender, open, go to settings and disable, automatic, scan, or something like that. And then I could run the program all I want. Didn't have to type in any password. Yep. So, all I had to do was write a program that clicks that. Now, it's a compiled stuff works, but I've run scripts on that machine before I didn't do that, so I could have written a visual basic script that opened that up, moved the mouse, clicked on that, or tabbed to that, and disabled that, and then I could have ran that application. So again, fake security is what that is. And again, I see this on a lot of systems. It made it more difficult for me as a user. And yeah, as an attacker, I might have to go through these three, four, maybe five extra steps to bypass it. But as an attacker, it's worth me doing that. But as a user, every single time I go to do something, it says this, that is not helping me. Security at most should be you proving who you are, either with a password, a passphrase, you know, maybe two-factor authentication in certain cases, but if you are a user on a system, your user has certain rights. And it shouldn't ask you to, you know, to click okay to do something you tell, do, if I tell my computer to do something, it should do it right away. It shouldn't wait for, you know, and ask me, are you sure? Are you sure you want to do that? And I've even seen this a little bit in in some Windows, sorry, some Linux systems lately. I have come to, I run Debian, Pure Debian on my, most of my systems, but on my keychain I carry a multi-boot USB drive and the distro I've been playing with a lot for when I just go to systems and I want something out of boxes and the X Linux, and I like it a lot. But their default terminal, if you're trying to copy and paste a couple lines of code in there, whether it's at the shell or even I think into VIM, it's able to say, oh, copying and pasting stuff in the shell is dangerous, so you're sure you want to do this? And it gives me an okay button. Stupid, so you see it's not just Windows developers, because a Linux system can be just as secure or just as unsecure or just as stupid as a Windows system if we want it to be. Yeah, copying and pasting stuff into a terminal, into a shell, can be dangerous, but here's the thing, if I'm doing it, then I'm doing it. Of course I'm going to click okay, otherwise I wouldn't have done it in the first place. Fake security, okay? I mean, unless I accidentally slipped and clicked the mouse and clicked paste, you know, or I guess just center clicked, I accidentally clicked and pasted in the terminal, like yes, it would be helpful if my fingers were all fidgety like that. But 99% of the time, if I'm pasting something into the shell, I want it pasted in the shell. Now, maybe you have that message come up once, but then after I click okay, again, and the okay button is just ridiculous, but after I've done it once and I said, yeah, I'm sure, then it shouldn't ask me again after that fake security. Again, a computer should do, my computer should do what I tell it do, what I tell it do, and it shouldn't question me. At the very most, you know, if I'm trying to do something, you know, my user has certain rights, but then my user might be in the sudo users group and if it is, well then, you know, it's going to double check, you know, just give me your password, make sure that you're really this user, but as that user, once I've proven that, it should continue through, you know, you know, as a root user, it should never tell me nothing, you know. If I say rm-fr forward slash, it shouldn't ask me, are you sure? Of course I'm sure, I just typed it, you know, but that's the world we're living in. When I first switched to Linux, one of things I loved was I went from a Windows system, there were a lot of little things about Windows that drove me crazy. One of them was I go start, shut down, Windows, I think it was XP, may have been the first start doing it. Oh, you have open programs, are you sure you want to shut down? Yeah, kill all, and when I switched to Linux, it didn't do that anymore, but some desktop environments do that now. I click, I click the button, I click shut down, and I go, oh, you have some programs running, are you sure? Yes, I just click the shut down button. It is the stupidest thing, and it's stupid back when Windows XP used to do it, because Windows XP, I had times back, you know, early 2000s, where I'm rendering video that might take hours for me to render, I come back, and it's not rendering anymore, and I realized that Windows decided to do an update and restart the computer without asking me. So if I click shut down, I have applications open, it's going to be like, are you sure? But if I'm not at the computer at all, it's like, I think I'll shut down and restart your computer. Oh, so stupid, so stupid. Anyway, this is my little rant. Yeah, fake security, that's what this topic was about, it was just me talking. Thanks for watching, and I hope that you have a great day.