Using Distributed Computing To Thwart Ransomware
I Don't Believe in Imaginary Property writes "The folks at Kaspersky labs are turning to distributed computing to factor the RSA key used by the GPcode virus to encrypt people's files and hold them for ransom. There are two 1024-bit RSA keys to break, which should require a network of about 15 million modern computers to spend a year per key factoring them. Unfortunately, there appear to be no vulnerabilities in the virus' use of RSA, unlike some previous cases. Perhaps more interestingly, there's some debate over whether people should bother cracking it. After all, what if they were trying to trick us into factoring the key for a root signing authority? Besides, there's a more direct method of breaking the encryption: track down the people who wrote the virus and force them to talk."
Where's Jack Bauer when you need him ???
Vote green: shit in the ballot box!
If only I hadn't erased Jack Bauer's cell from my contact list after the last season...
My 0.02 cents
How are we going to do that? Everyone knows that things aren't nearly as fun as they used to be... people are even complaining about waterboarding now! What's this world coming to? Shoot, I remember when you could put a man on the rack - no problem.
You are using English. Please learn the difference between loose and lose; they're, there, and their; your and you're.
I think, personally, that human stupidity is a gold mine, and I'm slowly losing any inhibition and cashing in on it.
Way ahead of you. I went into IT security years ago. It is a gold mine. You can basically sell snakeoil and people will kill each other to buy it from you.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
As a result, I am shortly going to be announcing my new "Remain Safely Stupid, (tm)" product line. We harness the power of human stupidity for profit.
It will be absolutely nothing more than a box filled with paperwork. After filling out said paperwork, the client is guaranteed paper "rights" to be "free" and "protected" with said freedoms and protections guaranteed by the pieces of paper, and through no action or knowledge of his own. The client thus receives all the benefits without any of the actual risks of actually BEING free, or the hardships of actually BEING safe. Some have derided my product lines as "security theater" or "vaporware" but they are merely upset because I beat them to market with such a brilliant idea.
Patents pending.
" What luck for rulers that men do not think" - Adolf Hitler
... or bribing them! Hah! Foiling their plans of locking people's files down! Oh, wait...
My 0.02 cents
Fortunately, we had Interbank Data Recovery Services. And Interbank does more than just acquire the decryption key.
That's because Interbank vows to find out who sent you the ransom and hunt them down like animals. Like filthy, dirty animals. That's the Interbank difference. See, I don't care how Interbank's secret police get things done. I just care that they get things done. For us.
Plus, because we'd enrolled in their Premiere Membership program, Interbank also hunted down friends and relatives of the guy who had encrypted our data, dragged them from their beds in the middle of the night, and set fire to their homes.
You back up to the same computer? I don't even back up to the same state!
You must be new here.
If you haven't been down-modded lately, you aren't trying.
Sacred cows make the best hamburger.
I don't even back up to the same planet!
Knowledge is power. Knowledge shared is power lost.
1. Track down the virus' creator.
2. Encrypt his/her data with a similar algorithm plus a key logger.
3. The keylogger phones home with the key the perpetrator used to decrypt his/her data.
4. Profit!
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
Psh... backups? I restore my data from a parallel universe, where I didn't get hit by a virus in the first place.
I don't see the allure of backup. This one time I tried backing up my computer, I backed it up all the way, and then it kept shutting off. So I brought it back forward and it runs far cooler now that the fan isn't sealed off by the wall.
Oh, I do: as long as it's not the government doing the compelling.
Just once it'd be fun to hear that the local mafia don's PC got infected because his wife wanted cute smileys, and that the local prosecutor is frustrated by the lack of direct evidence linking the don to what they found down by the river.
Dewey, what part of this looks like authorities should be involved?
So this is another lesson in Computer Security 101: "No one likes Backups, but everyone likes Restore"?
Enterprise-level backup apps are almost always 3rd-party, not "some kind of unreliable M$ thing". Any serious solution also has a means to restore to bare metal, so in effect you need no OS at all to do this.
(and when was the last time anybody kept any current work on a floppy? Cripes - 1992 called and they want their backup devices back).
How long, Nimbus, will you go on abusing our patience?
I'm glad you finally solved the problem of prime factorisation of big numbers.
> Psh... backups? I restore my data from a parallel universe, where I didn't get hit by a virus in the first place.
K dkd that, but kt turns out they use a slkghtly dkfferent alphabet kn that unkverse.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Track them down and kill them.
You should probably get the private key from them first.
It took me a bit of work, but I think I got it. Can someone double check my work? This is the key that I came up with:
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0