Microsoft Claims 'No Known Ransomware' Runs on Windows 10 S. Researcher Says 'Hold My Beer' (zdnet.com)
Earlier this month, Microsoft said "no Windows 10 customers were known to be compromised by the recent WannaCry (WannaCrypt) global cyberattack," adding that "no known ransomware works against Windows 10 S." News outlet ZDNet asked a security researcher to see how good Microsoft's claims were. Turns out, not much. From the report: We asked Matthew Hickey, a security researcher and co-founder of cybersecurity firm Hacker House, a simple enough question: Will ransomware install on this operating system? It took him a little over three hours to bust the operating system's various layers of security, but he got there. "I'm honestly surprised it was this easy," he said in a call after his attack. "When I looked at the branding and the marketing for the new operating system, I thought they had further enhanced it. I would've wanted more restrictions on trying to run privileged processes instead of it being such a short process."
i know nothing...Sgt Schultz
I'm usually a fan of MS, but that is some bull if I ever heard it. Maybe there is not a known ransomware because no one thought to make one yet, I didn't even really realize that OS was even out yet.
MS can't possibly know all the ransomware out there, however, I think MS does a terrible job at fixing anything. I had a friend who bought a MS product but in working with it he found a bug. He calls MS support. They research it but they say with his level of support, they can't go any further without premium support. So he pays for premium support. Premium support confirms that it is a bug. He asks when a fix is possible. They say they are not going to fix it. He asks what the heck did his premium support money do? For the privilege of telling him that it was a bug apparently.
Well, there's spam egg sausage and spam, that's not got much spam in it.
Hardly surprising in that known ransomware isn't allowed to run. Don't antivirus offer the same protection?
What's interesting is that Windows 10 S is supposed to only run apps from the store. So by finding a way for it to run ransomware, they have also found a way for it to run basically any other piece of software. Personally, I don't know why MS thinks it's a good idea to limit the software that runs on a machine. Windows RT failed for a reason. People want to be able to run whatever software they like.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
"We can tell because Windows 10 runs tons of snoopware."
Table-ized A.I.
Back in the days of Mac OS8, he proclaimed that the MacOS was virus-proof.
Big mistake.
By the end of the week at least a dozen or so viriii were released into the wild and Jobs had to eat humble pie.
First rule of holes; When in one, stop digging.
Of course a LUDDITE is going to make LUDDITE lies about Appdows 10 S! He's too stupid to use appy Appdows 10 S, so he pretends that LUDDITE software can app apps when in reality ONLY apps can app apps!
Apps!
Paying the $50 ransom to run real apps. I hope Mozilla and Chrome use this exploit so people don't have to pay $50 just to run a different web browser.
Does Windows 10 S let Intel / AMD / Nvidia / others run their non app store drivers?
I think this is always silly when a company claims something like this, and I think everyone in the industry understands that. However, it gets headlines, and will be used for marketing. All the normal users though will never see this article explaining why it's bull, but they'll remember 'Hmm Windows S doesn't get ransomware'. Now maybe some of the marketing people really believe this statement, however I highly doubt any of the devs or engineering team truly thought 'ah ha! We've done it!'
I will shred my adversaries. Pull their eyes out just enough to turn them towards their mewing, mutilated faces. Illyria
Even if it was impossible to get ransomware in there, is there any value to it? You know, it's also impossible to run ransomware on my cheap calculator, and that one at least has a following. :P
contact censorship should not be part of an app store; if anything, Apple can have an adults-only one and an open politics one
Why aren't macros in Word sandboxed? Why isn't Word sandboxed? Why does everything run with admin rights?
"I'm honestly surprised it was this easy,"
corny
No known person can sing better than I
I don't know many people
Even if you count those few who have received a device running Windows 10S most have probably taken advantage of free Win 10 Pro upgrade. So who would target such a small user base? Not when you have a very big Windows 7 base to attack easier. This to me is obviously another scare tactic to get users to embrace what will obviously be a failed Windows 10 version. Not many have so far felt compelled to embrace a Microsoft walled ecosystem and I doubt they ever will.
... would make it harder for state actors to compromise. State actors want a compromiseable OS.
Windows 10S is nothing more than a play to walled garden Windows, by appealing to consumers' fears, all while the customer pays for the pleasure. Hopefully someone will file a class action for false advertising (since actually hacking the OS was a trivial 3 hours for someone who knew what they were doing).
It is high time that companies take cyber security seriously, before someone hacks a windows computer running some critical system and causes a major accident (oh wait, that has happened multiple times already). For far too long companies have played fast and loose with the word secure.
Is it possible for MS to make a hardened version of Windows? Probably, but it would require a fundamental re-thinking of how windows runs, and there would be a performance hit. MS would have to spend real resources on the security aspect, and that would take resources away from developing the shiny interface tweaks that no one gives a shit about but the MBAs think is critical...
If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
The security researcher did NOT use the vulnerability that Wannacry used to install the software. The author and researcher are disingenuous in their characterization.
Does MS realize that infection/breach through macros is NOT a new/unknown/zero day thing? That's why the "Protected View" is in place in the first place..........Yes, the protection is in place....But it doesn't mean that a user isn't going to deliberately ignore any warnings just because, "idk I just thought it was a document from my friend and didn't think about it". That shit happens all the time! This is now a known exploit. I mean, seriously, go fix the issue MS.
Wow, this site is biased. Good on MS for not being compromised yet. It's not that hard to say.
Are they suggesting that the less capable the operating system, the more virus proof it is?
I think I can dig out a set of WfW floppies...
I'll see your Constitution and raise you a Queen.
5. User had shitty password
6. User left device logged in for someone else to access
7. etc
There's a point where it's vulnerable just through software or it's not. I think you can say it's more vulnerable than you'd want, at least because it was an actual software vulnerability and didn't require it to be hooked up to some forensic analysis hardware.
Got to be Funny Friday now, and Moaning Monday at Redmond!
Jajajajajajajajaja
No known ransomware is running on my Windows 7 system either.
Seven puppies were harmed during the making of this post.
Drivers for Windows 10 S must meet these requirements. I imagine that participants in a public driver beta test would use Windows 10 Pro instead of Windows 10 S.
I needed a good laugh today.
"I'm pretty sure my last words are going to be 'Hold my beer and watch this'"
Calvin:Do you believe in the devil? Hobbes:I'm not sure man needs the help.
Sure, he managed to crack it. Any security can be cracked if you try hard enough and long enough, but who has the desire or the resources available to invest three man-hours in a pursuit like this? Not many people.
Before Win7 was released, it was the most stable the most secure OS on the planet which is 100 times better than previous version, and then the same was used for Win8.1. Now I won't be surprised the same marketing gimmick is used for Win10S, "No Known Ransomware".
Fool me once, shame on you. Fool me twice, shame on me. But this is already "Fool me thrice..."
captcha: poignant
contact censorship should not be part of an app store; if anything, Apple can have an adults-only one and an open politics one
In Your Not So Humble Opinion, of course.
Which part of "People who own iPhones/iPads understand the reasoning behind, and are used to, the App Store Restriction" didn't you understand?
Question: Doesn't "Freedom of Choice" INCLUDE the "right" to join a "Members Only" Club? After all, no one FORCES you to buy an iPhone/iPad.
He had to download Word via the app store, create a malicious macro to run it after starting it explicitly with admin privileges, mount a network drive to place the macro (because Word won't run downloaded ones), use the macro from there _and_ explicitly ignore a warning that said it was insecure.
Who calls that easy? This would require a good amount of social engineering, which will always be capable of being used to install and run something arbitrary. Normal users, even with admin rights, don't start Word with administrative privileges. They also would not be able to install the macro in a convenient location just so that it could run. Finally, you would have to convince them to click "Enable" to avoid the security warning, which is probably the easiest part.
How is that any different from running Linux and being tricked to run as root to execute an unknown shell script? Ordinarily the OS is not susceptible to it, but if you force it to be then you can always make it so. It would be just as "easy" to convince the user to let you take over their desktop via remote desktop, with admin rights, and then you can proceed to pillage their computer.
False advertising at its finest. Microsoft might want to tone back the PR engine just a tad.
English is such a logical and regular language! No wonder it is the language of exchange between peoples.
Linux is for people who don't mind RTFM.
The plural of "virus" is "viruses" in English. Yes, it's a regular plural. "Virii" and related variants are pseudo-Latin nonsense favored by ignorant hipsters.
Based on the comments so far, perhaps four or five people actually read the article
It appears that War4peace is one of these, and so far he is the only person to make a post directly addressing the problems with the linked article based on the technology.
And he got marked down to -1.
WTF Slashdot people.
Virus does not even have a plural form in Latin. Viri (with one i, not three), on the other hand, is correct Latin nominative and vocative plural, as well as genitive singular, of vir.
Two hours before your comment I was at +5... I guess the Microsoft-hating crowd woke up :)
No matter though, I admit I read the article to figure out what the hell did Microsoft fuck up this time, but I couldn't find it. So I thought it would be good to call this specific hate as bullshit, because we all should aim at being objective at least when analyzing hard data.
I pissed off the wrong people, it seems :)
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
In typical modern slashdot fashion, a person is marked up because he made a "cool" sounding claim. This claim of course is unsupported, and is likely made up. But hey, don't let truth get in the way of a good story, right?
This particular lie bothered me because I remembered reading something a long time ago that implied the opposite. I will admit it took me the better part of an hour to find this article. It is about how the U.S. Army had switched to Mac OS in 1999 for their web page, since they were sick of having it defaced. (this is pre OS X).
https://tidbits.com/article/55...
I am beginning to wonder if the difference between a lawyer and the typical slashdot poster is that a lawyer makes a fact based argument, sometimes.
"Liberalism is a very noble idea, currently controlled by some very bad people. Be sure you do not get the two confused."
Even though I will only use win 10 for gaming, I feel like a hostage of a sort, as if I know I am being screwed one way or another.
My computer, running Microsoft products, hardware that I paid for, doesn't feel mine anymore.
Microsoft turning things to shit, one day at a time.
Just install PcMatic. 100% protection from EVERYTHING. ONE HUNDRED PERCENT!
Ahem . . .
will make Micro Soft product suck less. Something called Micro Soft probably is.
Isn't this essentially cheating? If Word is opened by a user, it's only opened at standard user privileges, even if that user is a member of the admin group.
The use of a macro is clever enough. But if it hinges on Word running as Admin, then I have to question whether this is anything more than a publicity stunt.
Because it's hard to have ransomware running on a shit toy gimped OS that very few people want to use and thus not in any kind of widespread use.
I thought Windows 10 was ransomware, seeing how Microsoft forces people to use it.
So last chance to switch to Linux Mint before you get eaten up via an avalanche of attack vectors.
Read the whole story and think... Then you'll know this 'researcher' is just bullshitting. You already need to start Word in admin-mode (first thing that makes MS's claim still stand), then you need to click on the activate macros button, and in the end you still need to be able to install the malware which is not on the MS Windows store and therefore cannot simply be installed, but that's something he doesn't even do claiming with some bullshit about not wanting his network to be infested.. no this is just a clickbait article by zdnet for triggering some extra ad revenue...
There are two fuck ups. One is allowing macros at all, the other is actually allowing Word to be run as admin (why would you ever need to do this?).
It may be sensationalised, but it isn't bullshit. The running Word as admin could be bypassed with a privilege escalation exploit, which just leaves the problem of getting the user to run the macro, but if you can convince the user it would be useful to them, you can probably get them to jump through the necessary hoops.
That said, your post shouldn't have been modded down, it was a perfectly valid comment.
Fact is, it didn't work out of the box. So none of the 10S machines were infected by Wannacry. Fair enough. However the whole big deal of 10S is that it's supposed to be fricking hard, like Linux/Unix hard to break it since they eliminated all of the buggy 32 bit API calls. Looks like it's the same old crap. They didn't fix the OS. It's like the 16-32 bit transition all over again.
I still see ads saying Macs don't get viruses.
The researcher should be able to do it whilst holding his beer. Consider it a fair handicap for Windows.
So they aren't wrong!