Wana Decryptor Ransomware Using NSA Exploit Leaked By Shadow Brokers To Spread Ransomware Worldwide (threatpost.com)

← Back to Stories (view on slashdot.org)

Wana Decryptor Ransomware Using NSA Exploit Leaked By Shadow Brokers To Spread Ransomware Worldwide (threatpost.com)

Posted by BeauHD on Friday May 12, 2017 @10:40AM from the never-before-seen dept.

msm1267 quotes a report from Threatpost: A ransomware attack running rampant through Europe today is spreading via an exploit leaked in the most recent Shadow Brokers dump. Researchers said the attackers behind today's outbreak of WannaCry ransomware are using EternalBlue, an exploit made public by the mysterious group in possession of offensive hacking tools allegedly developed by the NSA. Most of the attacks are concentrated in Russia, but machines in 74 countries have been infected; researchers at Kaspersky Lab said they've recorded more than 45,000 infections so far on their sensors, and expect that number to climb. Sixteen National Health Service (NHS) organizations in the U.K., several large telecommunications companies and utilities in Spain, and other business throughout Europe have been infected. Critical services are being interrupted at hospitals across England, and in other locations, businesses are shutting down IT systems. An anonymous Slashdot reader adds: Ransomware scum are using an SMB exploit leaked by the Shadow Brokers last month to fuel a massive ransomware outbreak that exploded online today, making victims all over the world in huge numbers. The ransomware's name is Wana Decrypt0r, but is also referenced online under various names, such as WannaCry, WannaCrypt0r, WannaCrypt, or WCry. The ransomware is using the ETERNALBLUE exploit, which uses a vulnerability in the SMBv1 protocol to infect vulnerable computers left exposed online. Microsoft issued a patch for this vulnerability last March, but there are already 36,000 Wana Decrypt0r victims all over the globe, due to the fact they failed to install it. Until now, the ransomware has laid waste to many Spanish companies, healthcare organizations in the UK, Chinese universities, and Russian government agencies. According to security researchers, the scale of this ransomware outbreak is massive and never-before-seen.
UPDATE: The Guardian reports that "An 'accidental hero' has halted the global spread of the WannaCry ransomware" by discovering a kill switch involving "a very long nonsensical domain name that the malware makes a request to." By registering that domain, the spread of the ransomware was effectively halted.

106 of 197 comments (clear)

Min score:

Reason:

Sort:

Say "thanks" to your "security"-agency... by ffkom · 2017-05-12 10:44 · Score: 5, Insightful

who chose to weaponize security holes rather than having them fixed for some actual security.
1. Re:Say "thanks" to your "security"-agency... by Moheeheeko · 2017-05-12 10:47 · Score: 1
  
  Well nobody ever credited the NSA with an abundance of common sense.
2. Re:Say "thanks" to your "security"-agency... by Anonymous Coward · 2017-05-12 10:55 · Score: 1
  
  I guess the question is why wasn't there a plan in place to patch the holes going on in secret also? If you're going to weaponize something you want to be able to neutralize it also. True since rocks.
3. Re:Say "thanks" to your "security"-agency... by Anonymous Coward · 2017-05-12 10:57 · Score: 5, Insightful
  
  No. Say thanks to Micro$oft for making people extremely gunshy after their concerted efforts to force Windows 10 down everyone's throats.
  It's bad enough to worry that an update to a bad driver will brick your machine without the problem of waking up to find Windows 10 on your machine.
  I'm sure there's enough blame to go around here, but don't forget that the update paranoia around Windows OS's was brought to you by none other than Micro$oft themselves.
4. Re:Say "thanks" to your "security"-agency... by saloomy · 2017-05-12 11:14 · Score: 4, Insightful
  
  But this isn't a zero-day. "Microsoft issued a patch for this vulnerability last March, but there are already 36,000 Wana Decrypt0r victims all over the globe, due to the fact they failed to install it."
  
  Blame lax IT policies and ineffective management for leaving exposed machines to the internet unmatched. Of course your going to get hosed. Most know to put a firewall, enable the machine's firewall, or air-gap their systems.
5. Re: Say "thanks" to your "security"-agency... by Anonymous Coward · 2017-05-12 11:40 · Score: 1
  
  Micro&Soft build their system with a crapy backdoor. No one to blame, if not them.
6. Re:Say "thanks" to your "security"-agency... by dbIII · 2017-05-12 12:14 · Score: 5, Insightful
  
  But this isn't a zero-day. "Microsoft issued a patch for this vulnerability last March, but there are already 36,000 Wana Decrypt0r victims all over the globe, due to the fact they failed to install it."
  Since there were so many people that turned off updates to avoid getting MS Windows 10 unasked I don't think blaming the victims is a useful approach.
7. Re: Say "thanks" to your "security"-agency... by saloomy · 2017-05-12 12:37 · Score: 1
  
  No. The update process was manageable. Maybe not for most home users, but certainly for the British NHS. Certainly they should have blocked SMB shares from the internet.
8. Re:Say "thanks" to your "security"-agency... by Anonymous Coward · 2017-05-12 12:56 · Score: 1
  
  microsoft is partly guilty in this for sure because A LOT of people have the updates turned off since the windows 10 debacle, the lies, the telemetry, the diagtrack process, the broken windows update service that sits iddle consuming 25% of your cpu, etc
  but even a monkey like me that hears about the smb vuln, even if i dont know what it means exactly because im just a user and not an engineer, i could tell it was BAD, so i patched the living shit out of my computer
  sorry but if youve had experiences with blaster, conficker, etc, you should know about this kind of things already, again, not an engineer at all, but just hearing about it, looking the ports affected this thing looked really bad
9. Re: Say "thanks" to your "security"-agency... by Anonymous Coward · 2017-05-12 14:15 · Score: 1
  
  Blocking SMBv1 protocol from the internet won't stop this attack. Any medical staff from within NHS can click a phishing site or open a malicious email attachment and the ransomware would still scatter like wildfire within NHS LAN.
10. Re:Say "thanks" to your "security"-agency... by fustakrakich · 2017-05-12 14:24 · Score: 1
  
  Bah! Who is Russia? Compared to Microsoft?
  
  --
  “He’s not deformed, he’s just drunk!”
11. Re:Say "thanks" to your "security"-agency... by mcswell · 2017-05-12 15:09 · Score: 1
  
  And why do you think Microsoft was able to patch this *before* the exploit was leaked by Shadow Brokers?
12. Re:Say "thanks" to your "security"-agency... by radarskiy · 2017-05-12 15:17 · Score: 1
  
  "rather than having them fixed"
  The patch for the exploit used has been been publicly available on Windows Update since March 14.
13. Re:Say "thanks" to your "security"-agency... by ichthus · 2017-05-12 15:43 · Score: 1
  
  Congratulations. You have posted the most interesting question in this whole story.. Supposedly, this was a 0-day hole before it was leaked. So, then, how did MS know to patch it? Hmm.
  
  --
  sig: sauer
14. Re:Say "thanks" to your "security"-agency... by thegarbz · 2017-05-12 21:16 · Score: 1
  
  Sure it is. If there's a hole in the wall because some idiot used a scattergun to try and kill a fly, it's still the idiot's fault.
  Microsoft has actually been quite sensible for this very reason. Way too many idiots think the solution to any problem they have is to turn off windows update. I'll wager that the majority of those who "turned off" windows update to avoid windows 10 actually knew what they were doing and didn't turn it off but rather curated them.
  Personally I think the best thing would be:
  a) not be able to disable windows update.
  b) go back to the really old way of doing it where you were presented a list of updates to tick and then click download.
  c) nag the user if there are new updates they haven't explicitly denied, and if it isn't updated in e.g. 30 days, then force the update.
  There needs to be a balance between professional computer users and idiots.
15. Re:Say "thanks" to your "security"-agency... by MoarSauce123 · 2017-05-12 22:57 · Score: 1
  
  That hole was patched with a March update. Your thanks need to go to those who are tardy with applying updates...and to Microsoft for making it insanely difficult to determine what an update contains and does now that they no longer publish the Security Bulletins.
16. Re: Say "thanks" to your "security"-agency... by Anonymous Coward · 2017-05-13 02:03 · Score: 1
  
  > go back to the really old way of doing it where you were presented a list of updates to tick and then click download.
  Microsoft deliberately began obfuscating the descriptions of the patches to prevent this. There are kbs that make all your shit go to Microsoft, and kbs that fix some of the SMB vulnerabilities. That information is buried at the bottom of some voat post filled with Nazis and otjer assholes. That information is not absilable through the Wandows GUI.
Tally by burtosis · 2017-05-12 10:52 · Score: 2

Successful NSA exploits used: maybe a handful
Number of affected worldwide when it leaks: Tens of thousands to potentially millions
Obscurity is not security. by Gravis+Zero · 2017-05-12 10:53 · Score: 5, Insightful

I've said it before but it bears repeating.
When you create an exploit, you create a weapon but when you submit a fix, you make that weapon ineffective. So now instead of having the world's best armor, we have an absurd cache of weapons and those weapons have been stolen. The moral isn't to protect your weapons better, it's that you should be making better armor.

--
Anons need not reply. Questions end with a question mark.
1. Re: Obscurity is not security. by bestweasel · 2017-05-12 12:45 · Score: 1
  
  The usual answer is more weapons.
2. Re: Obscurity is not security. by Gravis+Zero · 2017-05-12 20:17 · Score: 1
  
  The usual answer is more weapons.
  Software security isn't your usual war so the usual answers do not apply.
  
  --
  Anons need not reply. Questions end with a question mark.
It hit the NHS hard by Anonymous Coward · 2017-05-12 10:55 · Score: 5, Interesting

I'm a doctor in the NHS. It hit my hospital hard. The bosses triggered the MAJAX protocols meaning everyone off work was called to come in and help. Computers are used for everything, so blood tests, admissions, scan requests, referrals, all had to be done by hand. The public were asked to keep away from A+E because hundreds of people were waiting. It was terrifying how little failsafe infrastructure there was. The hospital just stopped working.
1. Re:It hit the NHS hard by Anonymous Coward · 2017-05-12 11:18 · Score: 4, Insightful
  
  And you use unpatched computers in a hospital WHY? How the hell is it that the PC my kid plays Minecraft on is patched, but the ones you use for MEDICAL CARE are not!? WTF!?
2. Re:It hit the NHS hard by Anonymous Coward · 2017-05-12 11:44 · Score: 5, Informative
  
  They may remain unpatched because of a fear that the patch could cause serious errors in the same systems. Most large organizations don't immediately apply patches throughout their infrastructure. They test the patches extensively before deciding to deploy them. In many cases there are laws and regulations in place that say systems have to be certified before they are deployed. Getting the certification for a patched systems, even when the unpatched system is certified, can be a huge and expensive task which may involve hiring specialized firms to run extensive tests.
  Some organizations are just negligent and risk problems by not patching while others are super vigilant and risk different problems by delaying patches.
3. Re:It hit the NHS hard by Anonymous Coward · 2017-05-12 12:01 · Score: 3, Informative
  
  Due to microsoft's continuous fuckery with win10, telemetry, updates which break shit and now rolled up updates which makes vetting them(*) an order of magnitude harder and more time consuming the last time my win 7 install was updated was sept 2016 and even that was a due to more fuckery by microsoft.
  I left my machine set to 'check for updates but don't install' yet it suddenly flips to install updates automatically after several years without any warning or change by myself - suspicious eh? Since then i have the service stopped and set to never check.
  I can't blame ANYBODY for not having a fully patched machine when microsoft tries to make it as painful an experience as possible.
  (*) due to a series of botched kernel updates they released a few years ago i ALWAYS wait at least 1 week after patch release then google every single KB before installing to ensure it isn't going to be an issue
4. Re:It hit the NHS hard by JaredOfEuropa · 2017-05-12 12:22 · Score: 1
  
  Common sense would dictate that a system that goes unpatched for a certain period of time loses its certification automatically.
  
  --
  If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
5. Re:It hit the NHS hard by TroII · 2017-05-12 12:28 · Score: 4, Insightful
  
  And you use unpatched computers in a hospital WHY?
  Because patches are often broken. Imagine these hospitals had applied the patch when Microsoft released it, but the patch was faulty in some way, and all of the hospital computers went down as a result. Instead of complaining the hospitals were running unpatched, you and/or many people like you would be bitching and moaning that they were negligent to install the patch too soon.
  Updates from Microsoft frequently include at least one broken patch. There was one update last year that broke millions of peoples' webcams. There have been several updates that interfered with settings and reverted them back to default configurations, and several more updates that seemingly deleted group policy objects that had been configured by the domain administrator. There was a patch around the new year that inadvertently disabled the DHCP service, despite the update itself having nothing to do with DHCP. (Things that make you go hmmm.) This particular fuck-up rendered a lot of machines not only broken, but totally irreparable without manual human intervention, i.e. dispatching someone clueful to each of your premises to clean up the mess.
  Patch deployment in any enterprise environment requires extensive testing. You have to coordinate with your software vendors to make sure their applications are compatible with the update. If you install Patch XYZ without first getting approval from Vendor123, you wind up invalidating your support contracts with them. All of this takes time. In 2016, there were several months in a row where Microsoft had to un-issue, repair, supersede, and re-release a broken patch they'd pushed out. Put yourself in the shoes of an admin team who got burned by Windows Update breaking your systems, especially repeatedly. Are you going to be in any hurry to patch? If you were bitten by the DHCP bug, do you trust that the "critical SMB patch" really only touches SMBv1, and isn't going to inexplicably corrupt Office or remove IPV4 connectivity on every computer it touches?
  If the PC your kid plays Minecraft on gets hosed by a broken patch, it's not that big of a deal. The business world is a different story.
  
  --
  "If there was a gay Afro-Puertorican Linux distribution, I'd give it a try" ~lucm
6. Re:It hit the NHS hard by Anonymous Coward · 2017-05-12 13:08 · Score: 1
  
  i have a box at home, with a system made by some dude with very thick glasses in some basement somewhere, its that thing called linux
  it gives me less problems when i update than the marvelous and modern windows do on my other boxes, which is sad considering i dont know jack shit about linux
  maybe, just maybe, the affected big companies should consider moving away from microsoft, which has not been able to deliver a proper product since windows 7
7. Re:It hit the NHS hard by Angeret · 2017-05-12 14:42 · Score: 1
  
  Abso-fucking-lutely! I'm only on 7 because M$ made a coupla changes to Direct X and the game producing herd bleated acquiescence - so if I wanted to play most recent games I needed to be on Win 7. I installed it for the first time about the time 10 came out, thus missing the abortion called 8, and then we got hit with the bullshit about auto "upgrading". Yeah. Auto updates are OFF, still running GWX control panel, any possible telemetry nuked both in the registry and on my router. So, thanks to the software rental company/protection racket formerly know as Microsoft, I now have a machine *I* control but if I'm a little lax with security it can be taken away from me by scumbags.
  I hope the fuckers in the NSA are proud of their baby and I hope someone finds the fuckers now using it and double-taps them on camera. I'd pay to see that. This isn't funny anymore (was it ever?) because now we're stepping into territory where lives may be at stake. Fucking with computers is verboten as far as I'm concerned, fucking with medical facility computers should be a capital offense.
8. Re:It hit the NHS hard by Angeret · 2017-05-12 15:11 · Score: 1
  
  They want low priority "cases" to stay away, not everybody, especially not ambulance admissions. By way of example how A&E sometimes (often) gets abused, I had a boss once who cut his finger while operating a turret press. He had the only staff member present other than myself drive him to the nearest A&E because, as a guitar player, he said he might have done some serious damage. I downed tools until they returned as I'm fucked if I'm running sheet metal on industrial hardware alone on a night shift. When they got back some hours later, the damage turned out to be a cut somewhat less than you get from shaving (which he should have seen after running it under a cold tap for 5 seconds). As he was the registered and trained first aider for the shift it should have been blatantly obvious. But no. He had to get driven to hospital and A&E staff went through their standard procedures before simply putting a regular plaster on it, which he was proud to show off the next day as if he'd he'd been in a war.
  He actually wondered why I called him a cunt after we'd lost about 9 hours production between us that night and management wanted to know why *I* hadn't continued working while they were gone. Knowing the travel time to the hospital, he'd wasted nearly 2 hours of A&E time. Multiply that by the number of people who wander into A&E with "injuries" like looking for a bed for the night, got drunk - fell over, or less.
  Yeah - YOU might have a need, but there's plenty who don't and they spend far too much time wasting that of hospital staff. Your next trip there might be held up by some idiot with entitlement issues, which would be a bad thing.
  TL:DR - people sometimes abuse A&E and they're better off not getting underfoot while this is going on.
9. Re:It hit the NHS hard by pinecone1 · 2017-05-12 17:53 · Score: 1
  
  One other point: If you run any kind of computer controlled equipment, you will know that the manufacturer designs it for specific computer platform and then moves on. Lots and lots of PC's are stuck on XP because the equipment they are attached to has no drivers for anything newer. Or the app that collects data can't tolerate anything newer. This is partly the fault of equipment makers who should provide a guarantee of a certain number of years of support for new OS's, but mostly their fault of choosing a PC as the base for something that has to be reliable. If I see such a device I say, "You know this only has an operational life span of 10 years no matter how long the rest of if would keep working". Salesmen don't like this. If it's not some unix box, there's no hope. Of course equipment manufacturers won't do that because unix hackers are harder to come by and cost more.
10. Re:It hit the NHS hard by Z00L00K · 2017-05-12 18:04 · Score: 1
  
  More than patches are broken is that applications sometimes are written to handle the the unpatched version and when the patch arrives then the workaround blows up.
  
  --
  If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
11. Re:It hit the NHS hard by Z00L00K · 2017-05-12 18:09 · Score: 1
  
  One thing that's important is to build up a segmented network where each department is insulated from the other departments and only exchange of approved information is going to be allowed.
  Same goes for internet communication. Limit that to necessary services.
  Mail services should go on virtual servers that are sandboxed, or even on a remote desktop server.
  
  --
  If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
12. Re:It hit the NHS hard by SimonTheSoundMan · 2017-05-12 23:31 · Score: 1
  
  However an unpatched PC or server would break laws relating to compliance. PCI compliance for example, all security patches must be installed within 30 days of the patch being released.
13. Re:It hit the NHS hard by Pinky's+Brain · 2017-05-13 05:48 · Score: 1
  
  So firewall the shit out of them, don't let them access the web, don't give them USB connectors ... problem solved.
  The only computers 99% of hospital computers should be able to connect to should be the data servers for the applications and the computers handling remote management. Even those computers handling remote management shouldn't by default be able to just communicate with them on all ports, because modern IT is too fucking retarded to be relied on not to fuck that up.
14. Re: It hit the NHS hard by Pinky's+Brain · 2017-05-13 06:41 · Score: 1
  
  It also requires them to be curmudgeons and for management to stop thinking of themselves as masters of the universe.
  By overconfident management and hipster IT combined we got BYOD.
15. Re:It hit the NHS hard by xvan · 2017-05-13 07:54 · Score: 1
  
  It's the same shit on unix, tons of times I've came with special hardware with drivers released for a particular version of linux (probably redhat). Even having the source of the drivers, if they're unmaintained they won't work with newer kernels. Not everybody is RMS
16. Re:It hit the NHS hard by LienRag · 2017-05-14 08:20 · Score: 1
  
  A better question: they use Windows on a hospital computer WHY?
get used to it by turkeydance · 2017-05-12 10:57 · Score: 1

45K....peanuts.
Say "thanks" to leakers by mi · 2017-05-12 10:57 · Score: 2

chose to weaponize security holes
Like any weapon, this one is dangerous (deadly!) in the wrong hands. It was not the NSA, who placed it into the wrong hands, however.

--
In Soviet Washington the swamp drains you.
1. Re:Say "thanks" to leakers by LT218 · 2017-05-12 11:01 · Score: 2
  
  It was the NSA who failed to properly secure and protect their "weapon" that could wreak havoc globally if it got into the wrong hands. It was and is their responsibility.
2. Re:Say "thanks" to leakers by ffkom · 2017-05-12 11:22 · Score: 2
  
  There could have hardly been any more "wrong" hands than those of the NSA, obviously. The "right" hands would have acted in favor of mankind, not like a villain stockpiling doomsday devices in a garden locker for any petty thiev to steal.
3. Re:Say "thanks" to leakers by mi · 2017-05-12 14:25 · Score: 1
  
  It was the NSA who failed to properly secure and protect their "weapon" that could wreak havoc globally if it got into the wrong hands. It was and is their responsibility.
  Yes, they were certainly negligent. A person, whose gun is stolen can be charged with negligence. But the murderer is still responsible for the murder — not the gun's hapless owner.
  
  --
  In Soviet Washington the swamp drains you.
4. Re:Say "thanks" to leakers by mi · 2017-05-12 14:28 · Score: 2, Interesting
  Whatever, dude. But I still think, the blame ought to be distributed in the following order:
  
  Those, who unleashed the stolen weapon.
  Those, who stole the weapon.
  Microsoft.
  NSA.
  --
  In Soviet Washington the swamp drains you.
5. Re:Say "thanks" to leakers by HiThere · 2017-05-13 06:15 · Score: 1
  
  If the NSA wasn't the wrong hands, why didn't they cause this bug to be fixed years ago? It was already in the wrong hands...and probably not only those of the NSA.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
6. Re:Say "thanks" to leakers by mi · 2017-05-13 10:21 · Score: 1
  
  If the NSA wasn't the wrong hands, why didn't they cause this bug to be fixed years ago?
  So as to be able to use it against an enemy, silly... Suppose for a second, people other than actual enemies (Italians and Germans) were using Enigma during WW2. Would you expect Alan Turing et al to publicize the fact, they found a way to break the code?
  
  --
  In Soviet Washington the swamp drains you.
What boggles my mind by guruevi · 2017-05-12 11:03 · Score: 3, Informative

Is that there are still 45k Windows machine that are directly connected to the Internet.
Any Windows machine I manage (mostly very specific medical software and medical machines) are either VM (and thus behind a firewall and any service proxied to a BSD or Linux host) or airgapped.

--
Custom electronics and digital signage for your business: www.evcircuits.com
1. Re:What boggles my mind by RandySmith6424 · 2017-05-12 11:20 · Score: 3, Interesting
  
  They don't have to be directly connected to the internet. They just have to have a shitty network admin that didnt close 445 on the firewall and didnt patch windows.
2. Re:What boggles my mind by DaHat · 2017-05-12 11:53 · Score: 1
  
  Yup, plus a single exposed machine which is infected will then turn around and start scanning it's own subnet which may include machines which may not even have internet access.
  
  --
  Help Brendan pay off his student loans
3. Re:What boggles my mind by DraconPern · 2017-05-12 13:11 · Score: 1
  
  In NHS's case, I am guessing only one person had to be infected. Then it used the SMB exploit to worm it's way through the entire system. It only took one person. I am checking all of my machines to make sure it's all patched.. (in health care)
4. Re:What boggles my mind by Fish+(David+Trout) · 2017-05-12 14:58 · Score: 1
  
  What boggles my is that there are still 45k Windows machine that are directly connected to the Internet.
  I doubt that many are directly connected to the Internet.
  What is more likely is most of those systems were connected to each other via File and Printer Sharing, and just one of them was somehow compromised. Then, once that one system inside the perimeter became infected, it then spread internally from system to system like wildfire.
  Thus even though none (or very, very few) of the infected systems were actually directly connected to the Internet, literally thousands of systems were quickly infected due to one person's carelessness along with far too many internal systems not being patched against the File and Printer Sharing bug (which is solely the CTO's/System/Network Admin's fault).
  
  --
  "Fish" (David B. Trout)
5. Re:What boggles my mind by DigiShaman · 2017-05-12 15:19 · Score: 1
  
  That's not what happened. It's an exploit in SMB. Meaning, the Ransomware is now a worm on the local subnet. Once someone behind the keyboard opens the malware in the form of an attachment to infect their PC, it then proceeds to scan the LAN and replicate to other computers via the SMB protocol exploit. Those computers in turn do the same thing. Lather, rinse, repeat.
  FYI, SMB ports are open between client an server on any machine joined to a Windows Domain (Active Directory).
  
  --
  Life is not for the lazy.
6. Re: What boggles my mind by guruevi · 2017-05-12 16:41 · Score: 1
  
  Then they ARE connected to the Internet, having a proxy to the entire network is the same as having no firewall. From my understanding this isn't being done via social engineering though (yet), a coordinated "attack" (I would call it a test) would devastate these Windows-only enterprises.
  Rule number one on any network: everything else is hostile. Not sure how even Microsoft hasn't figured that one out.
  
  --
  Custom electronics and digital signage for your business: www.evcircuits.com
7. Re:What boggles my mind by xvan · 2017-05-13 07:57 · Score: 2
  
  Here, "one persons carelessness", translates to the somebody plugging his laptop at multiple places because he's doing real work. You can't push the blame to the users.
File a lawsuit against ... by CaptainDork · 2017-05-12 11:10 · Score: 1

... the NSA.
Lots of demonstrable dollar loss.
Microsoft plugged this hole back in March.

--
It little behooves the best of us to comment on the rest of us.
The NSA should Compensate.... by Zurkeyon3733 · 2017-05-12 11:13 · Score: 1

EVERY Person, and EVERY Business, that this will do damage to. Its their tool, POORLY secured, that caused this ENTIRE MESS! If they had been sitting there catching terrorists, like we paid them to do, rather than designing malware to perform black ops with, we wouldn't be having this little "Chat" LoL!
1. Re:The NSA should Compensate.... by Gravis+Zero · 2017-05-12 11:37 · Score: 4, Insightful
  
  EVERY Person, and EVERY Business, that this will do damage to. Its their tool, POORLY secured, that caused this ENTIRE MESS!
  You got it all wrong. The entity to blame is Microsoft. Their operating system is poorly secured which is the root cause of this entire mess.
  
  --
  Anons need not reply. Questions end with a question mark.
2. Re: The NSA should Compensate.... by bestweasel · 2017-05-12 13:07 · Score: 1
  
  If some hacker finds an exploit, doesn't tell Microsoft, uses it for his own purposes but fails to keep it secure so other hackers get hold of it and use it to install ransomware, would you still blame Microsoft, or only if the hacker's initials are NSA?
  You might as well criticize the Linux devs too because of all the unpatched security holes in Linux.
3. Re: The NSA should Compensate.... by XparXnoiaX · 2017-05-12 13:17 · Score: 1
  
  If some hacker finds an exploit, doesn't tell Microsoft, uses it for his own purposes but fails to keep it secure so other hackers get hold of it and use it to install ransomware, would you still blame Microsoft,
  Yes, yes I would.
  
  You might as well criticize the Linux devs too because of all the unpatched security holes in Linux.
  Also yes.
  
  --
  Irresponsible disclosure is responsible
4. Re:The NSA should Compensate.... by Billly+Gates · 2017-05-12 17:17 · Score: 1
  
  Can you say in a serious face that the NSA HAS 0 backdoors on Linux? No really. It's not like the NSA didn't have a role in developing Redhats apoarmor or anything.
  The echo chamber of anti MS hate is strong here as always but put the crackpipe down.
  The NSA has keys to juniper and even a backdoor of old Nortel now Avaya routers. The NSA logs on and does what it likes
  
  --
  http://saveie6.com/
5. Re:The NSA should Compensate.... by pinecone1 · 2017-05-12 18:04 · Score: 1
  
  False equivalence. Linux makes it hard, Windows makes it easy. I bet the number of zero days they have in stock is an order of magnitude smaller for Linux. If you're a spy and you have to run a maze of lasers then what you can do is more limited-- maybe steal the big diamond or something. With windows you can set up a whole tea-party and pee on the carpet on your way out.
6. Re:The NSA should Compensate.... by ShoulderOfOrion · 2017-05-12 18:22 · Score: 1
  
  As a (anonymous coward) specialist, you should then also be aware that the vast majority of those Linux exploits are DOS or other flaws that do not pose an existential threat to the OS and filesystem itself due to the vastly superior Unix security and update model.
  Still, this particular exploit--like most successful ones--depends primarily on clueless users. There is no operating system on the planet that can withstand a determined assault from a clueless user.
7. Re:The NSA should Compensate.... by trawg · 2017-05-12 19:26 · Score: 1
  
  You got it all wrong. The entity to blame is Microsoft. Their operating system is poorly secured which is the root cause of this entire mess.
  I dunno about this. From what I've read they fixed the problem a while ago and a patch has been available for a reasonable amount of time - enough for most people to have tested and deployed it, especially given its seemingly obvious criticality.
  Your post implies that software should only be shipped when it is perfectly bug free, which I at least think is simply not possible.
8. Re:The NSA should Compensate.... by Gravis+Zero · 2017-05-12 20:11 · Score: 1
  
  Can you say in a serious face that the NSA HAS 0 exploitable bugs on Linux?
  A) FTFY
  B) Why bring up Linux? I'm just talking about the flaws that Microsoft owned code has.
  
  The echo chamber of anti MS hate is strong here as always but put the crackpipe down.
  The only thing I've done is lay blame where blame should be laid. When a severe bug for operating system XYZ is exposed then you blame the people who developed it, not the people who exploited it. This is true for all operating systems.
  
  --
  Anons need not reply. Questions end with a question mark.
9. Re:The NSA should Compensate.... by thule · 2017-05-12 20:25 · Score: 1
  
  Not AppArmor, SELinux. I know the accusation has been around for quite sometime, but I have yet to find anyone pointing out the backdoor. The code is GPL'd so people can audit the code.
  
  If anything, SELinux has saved systems from 0days by restricting the vulnerable process to only what it should do. Filesystem permissions or chroots only get you so far. SELinux goes farther. For example, it prevents a process from making outgoing IP connections.
10. Re:The NSA should Compensate.... by thegarbz · 2017-05-12 21:32 · Score: 1
  
  You got it all wrong. The entity to blame is Microsoft. Their operating system is poorly secured which is the root cause of this entire mess.
  I have a better idea, instead of blaming someone who had a bug in their code and patched that code the moment they discovered it, how about you blame the government entity which knew about the exploit and decided to weaponise it rather than report it.
  If we blame Microsoft then all programmers should hang because I've yet to see a bug free piece of software. That includes open source security software which we all hold near and dear to our hearts.
11. Re:The NSA should Compensate.... by Billly+Gates · 2017-05-13 02:06 · Score: 1
  
  You imply NSA is innocent and only Windows can be hacked. A false belief. Where do you think the term ROOTkit came from? Unix security was a joke before WindowsNT came into the scene as VMS was more secure because it was not written in C. I have seen hackers take over a SuSE enterprise server to host a phishing website. Just because it's opensource doesn'tean it's secure.
  
  --
  http://saveie6.com/
12. Re:The NSA should Compensate.... by Billly+Gates · 2017-05-13 02:09 · Score: 1
  
  Here is a list right now of Linux
  
  --
  http://saveie6.com/
13. Re:The NSA should Compensate.... by Gravis+Zero · 2017-05-13 05:35 · Score: 1
  
  You imply NSA is innocent and only Windows can be hacked.
  I did not imply either of those, you inferred that using faulty logic.
  
  --
  Anons need not reply. Questions end with a question mark.
14. Re:The NSA should Compensate.... by Gravis+Zero · 2017-05-13 05:52 · Score: 1
  
  I have a better idea, instead of blaming someone who had a bug in their code and patched that code the moment they discovered it
  Why wouldn't you blame the people who wrote poorly secured code?
  
  If we blame Microsoft then all programmers should hang because I've yet to see a bug free piece of software.
  It doesn't have to be bug free, it just shouldn't have remotely exploitable bugs in critical systems. Critical systems include the kernel, startup configs/scripts and daemons/services. In this case, Microsoft failed to secure their WINS service.
  
  That includes open source security software which we all hold near and dear to our hearts.
  Absolutely, I hold the Apache devs equally responsible for their HTTPd daemon's poor security model, especially with regard to addons like PHP. Simply put, people need to validate their inputs and mitigate unexpected failure scenarios. Nobody can do this perfectly but Microsoft is hardly trying.
  
  --
  Anons need not reply. Questions end with a question mark.
15. Re:The NSA should Compensate.... by HiThere · 2017-05-13 07:08 · Score: 1
  
  IIUC the NSA has "rainbow tables" that allow them access to any Linux system. But these don't allow access to all Linux systems.
  This is not to claim that the NSA don't have any exploitable tools that will handle all Linux systems, but I don't know of any. Linux systems can be stripped down and "hardened" in ways that MS intentionally doesn't allow. And, for that matter, the same is true of BSD, even slightly more-so. But not Apple, except, perhaps, their iPhones. As with MS, Apple doesn't let *you* strip down and harden their systems...but, perhaps, they might take security seriously with their iPhones...at least some models. (That's not really the way I'd bet, though.)
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
16. Re:The NSA should Compensate.... by thegarbz · 2017-05-13 21:59 · Score: 1
  
  Why wouldn't you blame the people who wrote poorly secured code?
  You can, just don't pretend that this is a Microsoft problem vs a programmers are human problem. You're masking the underlying issue with a blame game.
  
  It doesn't have to be bug free, it just shouldn't have remotely exploitable bugs in critical systems.
  Bugs, remotely exploitable critical bugs, same thing different label. This kind of stuff traverses all programmers, programming languages and OSes.
  
  Nobody can do this perfectly but Microsoft is hardly trying.
  I'm not sure I agree. Microsoft may look like they are hardly trying but they are also under the biggest scrutiny, and let's not forget who WanaCry actually initiates an infection: phishing email. It's also some observation bias here. There have been actually quite few major Windows based exploits in the past year or two, compared to what is ruining the internet right now: Phishing, Wordpress spambots, IoT botnets, and it seems a lot of exploits that target Windows increasingly target Acrobat. ... At least flash is dead.
  The only group that I would say are really categorically "not trying" are IoT device manufacturers. At least with Microsoft and in the serious Linux bugs the past year the bugs run deep and complex. It seems the past 2 years have shown us a whole world of absolutely stupid bugs from outside the core operating system world.
17. Re:The NSA should Compensate.... by Gravis+Zero · 2017-05-14 01:43 · Score: 1
  
  You're masking the underlying issue with a blame game.
  I responded to a post that was specifically laying blame on the NSA. I didn't start off waving a banner and cheering, "this is Microsoft's fault" but rather I was merely correcting the original post so that blame was properly credited.
  
  Bugs, remotely exploitable critical bugs, same thing different label.
  Poppycock! You may think they are the same but one is a specific subtype of the other that doesn't just happen anywhere.
  
  Nobody can do this perfectly but Microsoft is hardly trying.
  I'm not sure I agree.
  Considering the first thing the new guy at MS did was cut QA, I would say he's not interested in doing things like security reviews on existing code.
  
  let's not forget who WanaCry actually initiates an infection: phishing email.
  Actually, the email part is only required for isolated LANs. Access to SMB makes it fully remotely exploitable. Really though, it's beside the point.
  
  The only group that I would say are really categorically "not trying" are IoT device manufacturers.
  I agree they have little concern for security.
  
  It seems the past 2 years have shown us a whole world of absolutely stupid bugs from outside the core operating system world.
  Actually, with IoT, it's not bugs that are the problem as much as it is bad default configurations. IoT device vendors write the absolute bare minimum amount of code that is required (usually just a handful of scripts) and just slap it on top of a Linux base. This vastly reduces the chance their code has exploitable bugs but then they put shit like telnet and have a default username and password.
  
  --
  Anons need not reply. Questions end with a question mark.
National Insecurity Agency by TiggertheMad · 2017-05-12 11:19 · Score: 4, Informative

The NSA (and other ABC agencies that are undoubtedly running the same game plan) are doing what they are tasked with, finding ways to protect America and America's interests. Using hacking as a tool to this end is (relatively) new in the old game pf spycraft, so there are going to be a few epic disasters like this before the black ops people start to figure out all the types of blow back they can experience. The US was really big on foreign covert action in the 50's, and it took the bay of pigs to make people realize that there were ways that things could go horribly wrong. That didn't stop covert action from being used, but I think it was employed more carefully afterwards. Having all their shiny hacking toys stolen and having this happen is the hacking version of the 'Bay of Pigs'.

Also, while the NSA seems to have compiled a formidable array of exploits and tools to compromise enemy systems, that doesn't mean that everyone else isn't playing the exact same game. The only difference between the NSA and EVERY other state intelligence agency on the planet is that they seem to be able to properly secure their black ops toys. Being one of the largest agencies of this sort, there are going to be a lot of people in the know. And the more people involved, the harder it is to keep a secret.

Mind you, that doesn't make this any less tragic or regrettable. I sort of hope the CIA decides that it is in the US interest to find and vanish anyone connected with this ransomware to make an example of them. Alas, that sort of thing only happens in implausible Hollywood scripts.

--

HA! I just wasted some of your bandwidth with a frivolous sig!
1. Re:National Insecurity Agency by ancientt · 2017-05-12 12:07 · Score: 2
  
  Remotely exploitable network vulnerabilities shouldn't happen, but there seems no practical hope that they'll stop anytime soon. It would be negligent of legitimate spy agencies to fail to search for them and arguably be able to take advantage of them. Imagine you're trying to find out when an ISIS group is planning a bombing and you discover they're running a messageboard on a Windows machine with an SMB exploit, do you tell Microsoft to patch the exploit?
  You never know which of the vulnerabilities you'll be able to use, but if you dedicate sufficient resources to finding them and building exploits for them, then there is a good chance you'll be able to spy on whichever bad guy your agency needs to spy on when the need arises. Getting all the vendors to patch the exploits you find does limit your own agency's ability to spy but you have to assume it doesn't impair your enemies as significantly since the enemy doubtless will have exploits you don't have.
  What's the best solution? I suspect the best thing to do is build force-patch worms for every exploit. If you write an exploit, you should also dedicate resources to the task of writing a version of the exploit which pressures the owner of the exploited system to fix the problem. So in this instance, as soon as the attacks started being seen in the wild, the NSA servers should have launched a MASSIVE attack against any and all systems with the vulnerability which would disable the vulnerable systems in the least painful ways along with alerting the owners of the need to update their systems. Instead of getting "your files are encrypted and give hackers bitcoin to recover" messages, the people with exploitable systems should be seeing warnings like "Your system has been temporarily patched by the NSA for your own protection, please secure or update your device to protect it from malicious actors."
  The Hajime botnet may actually already be just the thing I'm describing. I'd prefer to see the NSA take public responsibility, and I'm doubtful the NSA is actually responsible for that one, but it is an example of how it could be done.
  If I have a vulnerable system, I'd much prefer to see it hacked by the NSA instead of some ransomware writer. Do I wish it wasn't hackable? Of course, but I accept that anything plugged into a network might be hackable. I do what I can to protect it from everyone, including the NSA. It's not that I'm worried about the NSA (because they have the resources to gain physical access if they really want it) but if I do my best to build secure systems, then it's less likely I'll wake up to a ransomware message some morning.
  
  --
  B) Eliminate all the stupid users. This is frowned upon by society.
2. Re:National Insecurity Agency by ancientt · 2017-05-12 15:45 · Score: 1
  
  Interesting.
  1.) Who determines "illegal?" .... problem? Solution. Doesn't even need to be public in the world we live in. Secret orders, secret courts, secret laws. We're already there.
  2.) I like the idea, basically. I wouldn't use a name already in public purview. Not "Shadow Brokers" but maybe "Not Somebody Anonymous" or a similar name that people suspect might be the NSA, but can't prove is the NSA.
  
  --
  B) Eliminate all the stupid users. This is frowned upon by society.
3. Re:National Insecurity Agency by Kernel+Kurtz · 2017-05-13 04:09 · Score: 1
  
  I sort of hope the CIA decides that it is in the US interest to find and vanish anyone connected with this ransomware to make an example of them.
  Sounds suicidal.
4. Re:National Insecurity Agency by LienRag · 2017-05-14 08:29 · Score: 1
  
  The US was really big on foreign covert action in the 50's, and it took the bay of pigs to make people realize that there were ways that things could go horribly wrong.
  It's a bit far-fetched, but apparently the CIA operations of the time went MUCH wronger than that: we have the AIDS epidemic to thank them for!
  
  From Nuno Faria's epidemiologic work, it seems that the worldwide spread of AIDS came from the Haitian volunteers to Congo who had to come back home after the CIA crushed the democratically-elected Lumumba government...
Hospitals used to work equally well in the 1990s by ffkom · 2017-05-12 11:58 · Score: 1

before they had an "Internet Connection".
I don't understand why any critical infrastructure (which, like a hospital, should function even in cases of catastrophy or war) connects any vital computer to a public network.
Re:That only happened to idiots. by Man+On+Pink+Corner · 2017-05-12 12:29 · Score: 3, Insightful

Microsoft told lie after lie after lie about their intentions. There was absolutely no reason to believe that setting your update threshold to "Critical Only" would save you from an unsolicited Windows 10 installation.
The only rational course of action for those who didn't want Windows 10 was to turn off Windows Update entirely. Deny this all you want, but be prepared for justified accusations of victim-blaming.
When will people get it... by John+Allsup · 2017-05-12 12:33 · Score: 1

When will people get it that, with a mission-critical computer system, it should have no more ability or authority to do _anything_ than it needs. If you computer is only there to do your financial stuff, the it doesn't need to be able to run Minecraft, so it should not be able to run Minecraft at all. Having a single all-things-to-all-people OS that, once booted, can do anything and everything, and is so complex that even its manufacturer can't track all the bugs and holes, and nobody else can even tell if it works, just so MS and other vendors have hid-e-holes to put their copy protection stuff in, and you can run Word, Minecraft and watch your Kitten videos on the same machine... that is just plain fing asking for it. (Linux isn't really much better _except_ that you can, and people do, produce tailored versions with extraneous stuff removed, and if you want to see the code for every last bit of software running, you can.)
Principle of least privilege (or least authority). For mission-critical stuff this is a must, and that precludes a general purpose OS like Windows or a typical Linux distro.

--
John_Chalisque
1. Re: When will people get it... by JWW · 2017-05-12 14:03 · Score: 1
  
  You say "if your computer". Then you proceed to define how a hardcore least privilege makes a computer not yours anymore. It belongs to whatever entity is tying your hands with respect to running it...
2. Re:When will people get it... by ShoulderOfOrion · 2017-05-12 18:26 · Score: 1
  
  Have you ever actually installed an embedded Linux system using something like Yocto? Or are you just making money on the side posting anonymously for Microsoft?
3. Re:When will people get it... by HiThere · 2017-05-13 07:20 · Score: 1
  
  If you do all that on the same machine, then any privilege escalation exploit can do all of them. To hobble the machine, though, often limits its capabilities unacceptably. This is why I generally assert that the main focus should be on restricting communication to text data only, with no commands beyond those capable of being encoded in HTML1.0 (no ECMAScript, etc.). That way data can be shared, but control is local. And, please, no auto-extracting command processors. No transmission of executable files, however packaged. Etc.
  There are cases where it's reasonable to dedicate a computer to each specific task, with hardened programs. This makes updates a hassle, but in those cases it's worth it. Actually, updates are a hassle even in the case where only communications are restricted, but it's not a real problem, and in many of those cases it can even be illegal to patch the software without retesting everything anyway.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
and microsoft isnt fixing winbdows 7 by Anonymous Coward · 2017-05-12 13:34 · Score: 2

they stopped helping 50% of windows users
ergo windows 7
get ready cause to be infected "the im not migrating to crap spyware that the nsa has more holes in then swiss cheese is now swiss cheese too"
thank microsoft too whom helps them
btw waving from
The eternal issue is one of blame. by Neo-Rio-101 · 2017-05-12 13:46 · Score: 2

IT admins: Let's patch this box
IT management: NO. You can't do that! We need a stable operating environment. Sorry you don't have a maintenance window until 6 months from now.
IT admins: But we'll get hacked!
IT management: Then we'll blame the hackers! It won't be our fault that the system has downtime. We'll keep our jobs!
IT admins: Oh I get it. If we bring servers down for maintenance, that will be our fault and we'll get fired.... but if we get hacked - it's not our fault.
IT management: YES! and then we can blame Microsoft and point the finger at all our vendors.

--
READY.
PRINT ""+-0
inside of a bureaucracy... by Anonymous Coward · 2017-05-12 13:54 · Score: 2, Insightful

common sense tends to get driven out by a business MBA who is an expert in efficiency.
proprietary software created by a vendor that is 4 guys in an office somewhere on the other side of the planet, who just got bought out by megacorp which then spun off as dildicorp and fired all the original creators... does not have a flying clue about why your Blobnatz75 driver doesn't work on Windows 10, nor are they going to get an answer anytime soon.
That is not how it infects by dbIII · 2017-05-12 14:12 · Score: 4, Informative

Certainly they should have blocked SMB shares from the internet.
That's not how it it gets on a network, even a large one like that. Somebody gets tricked into installing the malware from an email attachment or link via a vunerablity in IE or MS Office (Outlook not so good) and then it spreads across a local network via a weakness in an SMB implementation. Multiple levels of "fail" but not at the firewall, and not a lot that Microsoft's customers can do about it especially in a tight budget situation with IT as a very low priority.

Your suggestion (while a good one that would have already been done since it's so obvious) would not have helped.
1. Re:That is not how it infects by shmlco · 2017-05-13 02:07 · Score: 1
  
  That's how most malware is spread. But WannaCry, according to reports, was a fully automated exploit that did NOT need users to open an attachment or click on a link.
  If a Windows computer running SMB was exposed to the internet, it could be infected and from there infect machines connected on the internal network.
  The lack of human interaction needed was how it spread so quickly.
  
  --
  Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
2. Re:That is not how it infects by dbIII · 2017-05-13 04:49 · Score: 1
  
  If a Windows computer running SMB was exposed to the internet
  Maybe read something a little more credible and try again. There were dozens of ways anything like that would have got "owned" in minutes years before this new thing surfaced.
Re:Exactly. Precisely spot-on. by BlueStrat · 2017-05-12 14:21 · Score: 2

Pain is what makes the lesson sink in. The world's pain will motivate it to demand that our Intelligence agencies disclose vulnerabilities rather than sit on them, and further will demand enough transparency that they can prove they are doing this.
It won't happen immediately. But as hospital deaths roll in, and the seriousness of this failure starts to sink in, claims that this is all the fault of those who leaked the exploit will fall on some very deaf ears.
That's not what will happen at all. Nobody in government (that matters) will be held accountable for these attacks using their own leaked tools. They will not change, they will change the rules as in no more general purpose computers.
Governments will simply push for the elimination of general-purpose computers owned by the general public at large. One will have to show cause to own a GP computer and it will be licensed and registered with government, as will any device allowed to connect to the internet.
Strat

--
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
Where is IT security? by duke_cheetah2003 · 2017-05-12 15:17 · Score: 1

Don't these institutions have IT security? Don't people understand how to design networks that are isolated from the internet, minimizing the attack surface of unpatched or intentionally held back machines?
Not trying to blame the victims here, well, ok I am, this is totally avoidable with some proper network design and isolation of critical and potentially vulnerable 'held back' systems.
Nothing inherently wrong with saying, "I don't want this machine's OS changed, cuz it works perfectly now." Where the problem lies is when you say, "Let's expose this known-vulnerable machine to the INTERNET." That is just stupid. I don't even expose my Windows 10 machine to the internet, directly. I don't even expose my Linux machines, except for a dedicated firewall.
1. Re:Where is IT security? by nnull · 2017-05-12 16:28 · Score: 1
  
  Management sees the price tag of doing so and they say "whoooooaaaa, no way". And that's that. And we have what we have. Even though the costs of doing so is negligible, other than doubling your material costs, that's about it. I've done it, I have my PLC's on a separate dedicated network from everything else. I have my video system on a separate network. I have my PC's all on a separate network. I even have my management computers all on a separate network. It's not really hard to do, especially when you have all your ports and wires neatly numbered.
Re:RANSOMWARE USES BUG PATCHED IN MARCH by nnull · 2017-05-12 16:19 · Score: 1

You'd be surprised how many industrial computers or commercial type computers which run displays (For airline displays, trains, etc), still use XP. Some have moved to Windows 7, but that's like a small percentage. Then you'd be surprised how many of these mission critical PC's are connected to the Internet without any sense of security. Of course none of them patched. It was a disaster waiting to happen and many here predicted for years was going to happen.

So, no surprise that someone finally exploited this situation.
Re: Hospitals used to work equally well in the 199 by guruevi · 2017-05-12 16:36 · Score: 1

Hospitals still operate with the same amount of people than the 90s but the population has nearly doubled. There is also a ton more diagnostics being done by the little beeping machines. There is still no reason to run Windows though.

--
Custom electronics and digital signage for your business: www.evcircuits.com
Munich government not affected by TheNarrator · 2017-05-12 16:47 · Score: 2

Remember how Munich switched to Linux? Yup, not affected.
Plenty of blame to spread around by cpm99352 · 2017-05-12 16:52 · Score: 1

1, Microsoft has always had a disclosure that their OS is not suitable for life-critical applications

2. NSA has a dual mission -- the second (neglected) mission is to ensure the security of domestic computer networks
Microsoft is not responsible, of course? by dschiptsov · 2017-05-12 17:55 · Score: 1

No responsibility for a crappy design and insecure coding for decades?
Doh by Martin+S. · 2017-05-12 19:43 · Score: 1

He is a doctor not an IT consultant, this is failure of IT management failure.
NHS Digital is provided by outside private sector IT Consultancies and has been beset with failure for years.
1. Re:Doh by HiThere · 2017-05-13 06:32 · Score: 1
  
  It's not just an IT failure. It's a management failure AND a failure of law AND a failure of manufacturing. Many medical devices should NOT have IP connections. They should send and receive text streams that are ONLY data, not executable, even by an interpreter. The laws about certification of equipment should recognized that unpatched devices should be forbidden contact with the internet. Etc. And manufactures should be liable if their device connects to the internet and they don't insist that patches be applied.
  The real answer is isolation from external control. They need to be able to accept data, but not commands...commands should be local. (I'll grant that the line between data and commands is a bit fuzzy, so this is would require a bit of interpretation...but definitely no IP connections, and ECMAScript, etc., in any HTML.)
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
Even Windows XP, Windows 8, and Server 2003 by FlaSheridn · 2017-05-13 00:54 · Score: 1

No. I am not in the habit of praising Microsoft, but: https://blogs.technet.microsof... & https://technet.microsoft.com/...
Re: That only happened to idiots. by HiThere · 2017-05-13 06:07 · Score: 2

Actually, I think many of them were primarily used by people who didn't even know they were using a computer. They thought they were using an XRay machine or some such. And that those people had no authority to tamper with the software.
I'll grant that there were lots of other infected groups, but many of them had good reason to not update their systems. The problem is those machines should never have been connected to the net, and THAT is at least 2/3 on the manufacturers. But MS doesn't deserve any denial of blame, nor does NSA. There's lots of groups that you can point to who were doing short-sighted ego-centric optimization. I can't think of even ONE in a position of power that either primarily acted for social benefit, or appears to have had that as their motive.

--

I think we've pushed this "anyone can grow up to be president" thing too far.
Re: so explain how i had the feature off in window by HiThere · 2017-05-13 06:13 · Score: 1

I think you're either lying or incompetent. Possibly because you don't use MS Windows. I know that I don't, but this same effect has been reported by enough different people that to deny it is unreasonable. I'm *not* certain that it was true for all editions of MS Windows, as there have been simultaneous reports where some people said it was happening despite being turned off and others denied that they were seeing the effect. One possible explanation is that different editions of MS Windows acted differently.

--

I think we've pushed this "anyone can grow up to be president" thing too far.
Re:Exactly. Precisely spot-on. by Areyoukiddingme · 2017-05-13 08:28 · Score: 1

Governments couldn't advocate for the "elimination of general purpose computers". The split second they did so, you'd have every industry on earth screaming bloody murder, along with various groups like the EFF, FSF, ACLU, etc.
It's already illegal to root your iPhone. It's called the DMCA. EFF, FSF, and ACLU did indeed scream bloody murder. No one cared. You don't even know what it meant. There are 2.1 billion pocket computers in use today, and for the vast majority of them, it is illegal for their owner to assume full control of the software of the device.
Think about that for a while.
Re: It's not an old patch either. by dilvish_the_damned · 2017-05-13 10:19 · Score: 1

It seems this is another implication they may want to consider when deciding which patches they want to put off applying until too late.
Or maybe move to a system that isn't so brittle that changes have to be evaluated for months.

--
I think you underestimate just how much I just dont care.
Re:Exactly. Precisely spot-on. by BlueStrat · 2017-05-13 13:12 · Score: 1

Governments couldn't advocate for the "elimination of general purpose computers". The split second they did so, you'd have every industry on earth screaming bloody murder, along with various groups like the EFF, FSF, ACLU, etc.

It's already illegal to root your iPhone. It's called the DMCA. EFF, FSF, and ACLU did indeed scream bloody murder. No one cared. You don't even know what it meant. There are 2.1 billion pocket computers in use today, and for the vast majority of them, it is illegal for their owner to assume full control of the software of the device.
Think about that for a while.
Spot on. The transition away from general-purpose PCs is already well underway. As more and more people begin using their cellphones, tablets, etc almost exclusively and use their home desktops and even laptops less and less, it soon will be hard to find PCs for sale new as demand shrinks, so do the available suppliers, and the cost goes up.
Government at this point doesn't need to do much except make certain they have backdoors and controls in place and wait for demand for PCs to disappear and smartphones coupled with "cashless" currency to be rolled out. They'll have data on pretty much everything about everybody and abilities to monitor, track, control, and analyze individuals on a mass scale, depth, and detail unrivaled...hell, *undreamed of*...in all of human history.
Welcome to the real Matrix where people happily step into the tanks and plug themselves in.
Strat

--
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.