Did you take a puff off of your bubble pipe after writing this? Your post describes a considerable amount of devshops but software advancement is alive and well. Not every developer out there is trying to throw things together for a deadline to "stuff their pockets".
Slashdot videos: Now with more Slashdot!
The indictment given to Megaupload cites over $500 million in lost revenue from stolen intellectual-property.
Even though SOPA has drawn insurmountable criticism from both citizens and the White House, it would seem as if the US needs less of a reason everyday to not need it passed anyway."
Link to Original Source
I really don't know of anyone that supports Ron Paul because it's "cool".
Personally, I like him because he's in favor of ending big government, the current US Government is trying to do way too much, and most of its programs are failures. Paul recognizes that and has the balls to suggest what needs to be done. Paul also isn't afraid of pointing out the real cause of terrorism. The classic patriot response is that "terrorists hate freedom", no, people hate another country hanging out in their back yard, and you can expect eventual retaliation if you keep overstepping your boundaries. Early US colonists could have been considered terrorists during the revolutionary war, but I guess we forget about that. There are plenty of other free countries who have no problems with terrorist organizations, why do you think the US gets targeted? It's because the other countries aren't trying to police the rest of the world.
I was simply giving you an answer as to why it's recommended, it's not something that just "noob linux admins" do. I recommend it to anyone because most people new to sysadmin aren't aware that their server will start to get bruteforced as soon as it's setup, and most people aren't going to make their password a random string with 25 characters.
Also, nice job making fun of the document for recommending disabling services you don't need, then saying "disable services you aren't using". If you don't need something, disabling not only removes potential security threats, it provides additional resources for the utilities you actually need.
The other comments pretty much say this, but here's the NSA's take:
"Direct root logins should be allowed only for emergency use. In normal situations, the administrator should access
the system via a unique unprivileged account, and use su or sudo to execute privileged commands. Discouraging
administrators from accessing the root account directly ensures an audit trail in organizations with multiple
administrators. Locking down the channels through which root can connect directly reduces opportunities for
password-guessing against the root account.
Root should also be prohibited from connecting via network protocols. See Section 3.5 for instructions on
preventing root from logging in via SSH."