Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's Telemetry Shows Petya Infections in 65 Countries Around the World (microsoft.com)

Posted by msmash on from the ransomware-spreads dept.

From a blog post by Microsoft: On June 27, 2017 reports of a ransomware infection began spreading across Europe. We saw the first infections in Ukraine, where more than 12,500 machines encountered the threat. We then observed infections in another 64 countries, including Belgium, Brazil, Germany, Russia, and the United States. The new ransomware has worm capabilities, which allows it to move laterally across infected networks. Based on our investigation, this new ransomware shares similar codes and is a new variant of Ransom:Win32/Petya. This new strain of ransomware, however, is more sophisticated. [...] Initial infection appears to involve a software supply-chain threat involving the Ukrainian company M.E.Doc, which develops tax accounting software, MEDoc. Although this vector was speculated at length by news media and security researchers -- including Ukraine's own Cyber Police -- there was only circumstantial evidence for this vector. Microsoft now has evidence that a few active infections of the ransomware initially started from the legitimate MEDoc updater process. A New York Times reports how rest of the world is dealing with Petya. From the article: A fuller picture of the impact will probably emerge in the coming days. But companies and government offices worldwide appeared less affected than the WannaCry attack, notably in places like China, which was hard hit in May. Reports from Asia suggested that many of the companies hit were the local arms of European and American companies struck on Tuesday. In Mumbai, India, a port terminal operated by A.P. Moller-Maersk, the Danish shipping giant, was shut after it disclosed that it had been hit by the malware. In a statement, Indian port authorities said they were taking steps to relieve congestion, such as finding places to park stranded cargo. The attack shut the terminal down on Tuesday afternoon. On the Australian island of Tasmania, computers in a Cadbury chocolate factory owned by Mondelez International, the American food company, displayed the ransomware message, according to the local news media.

86 comments

  1. MS Users Deserve It by Anonymous Coward · · Score: 5, Insightful

    Companies and individuals that choose Windows deserve what they get. An inherently insecure operating system, which they have no control over.

    Companies and individuals that do not back up their data deserve what they get. Total data loss.

    Companies and individuals that pay ransomware authors deserve what they get. More malware targeted at their systems.

    1. Re: MS Users Deserve It by GreatKhalCaleb · · Score: 2, Funny

      Found the screeching Linux fanboy.

    2. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Oh, so you support terrorists then??? Fuck you!!!!!

    3. Re:MS Users Deserve It by IWantMoreSpamPlease · · Score: 4, Insightful

      >>Companies and individuals that choose Windows...

      You have no idea what you are talking about. Furthermore, plenty of mission critical, and hell, even day to day, software, ONLY runs under Windows. So you want to do business, you have no choice, MS or nothing.
      And no, WINE won't cut it, many software packages refuse to run under emulation (we have several that way) and are programmed to look for such an environment (including VMs) and shut down if they encounter it.

      I'm a linux fan, but people like you aren't helping linux, you're hurting it.

      --
      So rise up, all ye lost ones, as one, we'll claw the clouds.
    4. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      I guarantee is just an ugly troll. Nothing to do with Linux.

    5. Re:MS Users Deserve It by Paradise+Pete · · Score: 2

      it is the gold standard for 90% of the worlds business

      It's the norm. It's not the "gold standard." That means something different. If it were the gold standard that would mean it was the clear best, the one that all others aspire to and are measured against.

    6. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      Companies and individuals that choose Windows deserve what they get. An inherently insecure operating system, which they have no control over.

      Companies and individuals that do not back up their data deserve what they get. Total data loss.

      Companies and individuals that pay ransomware authors deserve what they get. More malware targeted at their systems.

      Citizens who support and fund government intelligence agencies creating hacking tools from undocumented vulnerabilities deserve what they get.

      Seems you conveniently forgot what ultimately caused all of this shit.

    7. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Well, it's currently M$ OS gets infected with this weeks malware outbreak, on nearly a weekly basis, vs Linux which, well, when compared at this scale, seems to be pretty solid really.

      Or any other OS is solid for that matter really when compared to Windows. Windows really is Microsoft just polishing a turd, when in reality it should dump the fucking OS and start from scratch without any of the old crap being carried over.

      What will eventually happen is that every home user will eventually get fed up with windows attacks like this and go somewhere else. When all enough home users start doing this, then your business case for windows collapses pretty quickly (as people use another OS and see there's a choice), and lots more options for OS's open up.

    8. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Oh, so you support terrorists then??? Fuck you!!!!!

      When bashing support, try and remember where this "terror" originated. EternalBlue ring a bell in that thick skull of yours?

    9. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Yeah, I do! But do you remember EverlastingGreen?

    10. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Sorry, off my meds again.

      I just get so excited to bash on M$ whenever I can, I just cannot seem to stop.

      What I meant to say was that it is super sad that there are people in the world (we call them criminals) that take advantage of every opportunity to screw everyone that they can out of their money, livelyhood, lives. And it just so happens that Microsoft has the largest share of machines out there, so they end up getting hit the worst. Sure, Linux has had a pretty major uptick in ransom-ware and viruses lately, but I usually try to not mention that because it goes against my rabid dislike of M$. Hopefully my meds kick in and I can get back to be a productive member of society instead of the total dick that I show too often on /.

    11. Re:MS Users Deserve It by unrtst · · Score: 5, Insightful

      You are exactly the person the GP was referring to.
      You acknowledge that you (or some business) has purposefully chosen software that ONLY runs under windows. That software goes out of its way to ensure you can not run it under emulation (as opposed to embracing those common libraries and making minor updates to make it compatible, as other providers have done). Then you embrace the hole you were shoved into, rather than finding software to avoid these endless recurring issues.

      There was no mention of Linux anywhere in the GP post, but you dragged that in. You say you're a linux fan, but I don't buy it. You refer to this guy like he's a nutter, and then associate him with Linux. How is that something a Linux fan would do? Or maybe you referred to Linux because you believe it's secure and/or less vulnerable to these issues?

      It's not like you simply don't remember the past, and so are condemned to repeat it. You know it, and still make that decision. Yep, you deserve what you know you are going to get.
      [Morrison] https://www.youtube.com/watch?...

    12. Re:MS Users Deserve It by Bongo · · Score: 1

      Exactly. They are confusing de-facto standard with gold standard.

    13. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      Yes Open Source is so much more secure. Look at OpenSSL!!! Look at those 20 year old flaws in the Linux Kernel. So secure. Much Safe. Wow. You're retarded.

    14. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      I am sure that some see this as justification for all of M$'s spying...but its NOT! The function of an OS is to run the user's choice of programs. Period! It is NOT the function of an OS to spy on users and report back to M$!

      The Win10 Spy-Virus is not an OS, it is spyware, Malware, and Virus all rolled into one and masquerading as an OS!

    15. Re:MS Users Deserve It by Anonymous Coward · · Score: 1

      You have no idea what you are talking about. Furthermore, plenty of mission critical, and hell, even day to day, software, ONLY runs under Windows. So you want to do business, you have no choice, MS or nothing.

      This is a two-way street. Commercial software exists to make software vendors money. Unwillingness to vote with your wallet and or effectively communicate your needs to your sales rep is a choice you as a customer make.

      And no, WINE won't cut it, many software packages refuse to run under emulation (we have several that way) and are programmed to look for such an

      Current versions of WINE are amazing in what they will run. Too bad most distros insist on bundling ancient versions.

      environment (including VMs) and shut down if they encounter it.

      If you're accepting this bullshit from your vendors the problem isn't the vendor it's YOU.

    16. Re:MS Users Deserve It by LordWabbit2 · · Score: 2

      Sometimes it's easier said than done. If the software package your company relies on will only run on windows then you are a bit stuck. Sure you can look for an alternative (and probably free) version of it for linux, but what if there isn't one? What do you do then?

      I do agree about the backups though, regardless what platform you are on, back your shit up.

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    17. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      C'mon then - credible* citations of linux malware increases on the web link plz.

    18. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      I don't care where the "gold standard operating system" is running but for Christs sake do not run ICBM's on that!!!!

    19. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      don't bother, they'll fall flat on their faces once they run out of shills to employ on /. to berate other os's

    20. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      For sure. Not very original bashing windows. More like shooting fish in a barrel.

    21. Re:MS Users Deserve It by Dunbal · · Score: 1

      On the contrary I agree with OP. People who act carelessly earn the consequences of their recklessness. If you are not prepared to invest time and money in either securing your system OR ensuring a smooth recovery in the event of a system failure, then you can enjoy the consequences of your laziness and lack of foresight. You obtained a temporary economic advantage over competitors that DO take their data systems seriously, and now you pay the hidden cost of this short cut you took. That's all it is.

      --
      Seven puppies were harmed during the making of this post.
    22. Re:MS Users Deserve It by Dunbal · · Score: 1

      Furthermore, plenty of mission critical, and hell, even day to day, software, ONLY runs under Windows.

      I guess all these people missed the part in the EULA where Microsoft specifically states you should not run mission critical software on their operating system and you will not sue them if anything goes wrong.

      --
      Seven puppies were harmed during the making of this post.
    23. Re:MS Users Deserve It by Dunbal · · Score: 3, Interesting

      Seems you conveniently forgot what ultimately caused all of this shit.

      Microsoft leaving an unpatched security hole in their OS for well over a decade caused all of this. It remains to be seen whether they did this INTENTIONALLY in collusion with the CIA/NSA, trusting in "security by obscurity", or through plain old negligence/incompetence. It's pretty obvious that when the chips are down they will plead the latter, but many suspect it's the former.

      --
      Seven puppies were harmed during the making of this post.
    24. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Why don't these people just use the APK host file generator tool? It protects against all maladies and runs fast, to boot (because it's part of the kernel network stack!)!

    25. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      Companies and individuals that choose Windows deserve what they get. An inherently insecure operating system, which they have no control over.

      Companies and individuals that do not back up their data deserve what they get. Total data loss.

      Companies and individuals that pay ransomware authors deserve what they get. More malware targeted at their systems.

      WOW! What a -10 post. Must have come from a /. mod or something.

      Hey!

      If people don't want to update their OS with patches released by the vendor, then those stupid users deserve what they get.

      If people use pirated software and Microsoft detects that and thus refuses to supply updates, then those stupid users deserve what they get.

      As for those things that can't be updated quickly because of regulations, like the FDA in the US for medical equipment, then that manufacturing industry needs to work hard with it's governing bodies to encourage, nay INSIST upon a more timely review process. And the end users of those devices need to do the same. I think you could also say, "They need to get with the program."

      By the way, "just switch to Linux" doesn't solve the problem when it might include devices covered by regulatory agencies.

    26. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      Except that for every one Linux exploit like that you can name, there are 1000 in Windows, actively used in the wild.

      An Linux, as the OS running most servers, is a huge target. In spite of that it has a drastically better security record than Windows. Perfect no, but when it does have a disclosed flaw it is usually patched in days, not years or months like Windows may be if you are lucky.

    27. Re:MS Users Deserve It by Solandri · · Score: 1

      You say you're a linux fan, but I don't buy it. You refer to this guy like he's a nutter, and then associate him with Linux. How is that something a Linux fan would do?

      I'm a Linux fan (I learned on Unix systems at school, before I ever touched a DOS/Windows PC). And I'd agree Linux has a lot more nutters that Windows. Windows has a lot more dumb users - the type who will go along with something because everyone else is. But Linux has a greater share of what we call conspiracy theorists in other circles.

      Personally, I think both GP and OP are both right. GP is right that companies who chose Windows did so without giving enough weight to its security issues (Unix was designed from the ground up for multiple users; Windows was designed assuming a single root user, with multi-user capability added off as an afterthought). Same with backups - not thinking that they're important because "we never need them", and thus not committing enough money and manpower into a decent backup regimen. OP is right that you can't place the blame entirely on the companies and individuals who chose Windows. These decisions aren't made in a vacuum - the choice of the rest of society matters because that influences compatibility, amount of available software (and its price), and the pool of programmers and admins you can hire from. Unfortunately a lot of the people who made the decision to go with Windows instead of Linux either didn't know enough about tech to be qualified to be making that decision, or are retired (or dead) now and complaining about their past choices doesn't help the present situation.

      So we're saddled with an inferior OS which self-perpetuates via inertia and sunk costs, and nobody wants to take the lead on abandoning it because the people/companies who'll spearhead that effort will pay the highest cost. They're the ones who'll have to trudge through fresh deep snow, while those who follow after get the easier job of following in the trail they've made. Everyone wants to be a follower, not a leader.

    28. Re:MS Users Deserve It by thegarbz · · Score: 1

      You acknowledge that you (or some business) has purposefully chosen software that ONLY runs under windows.

      You're acting as if some people have a choice. Not every application has some open source / cross platform alternative.

      Actually that wasn't quite right. Let me correct myself: MOST MISSION CRITICAL APPLICATIONS in many industries have NO open source / cross platform alternatives.

      If my two options are: Windows or close shop, leave the industry and become a fisherman, hmmm which will I choose... decisions, decisions.

    29. Re:MS Users Deserve It by thegarbz · · Score: 1

      Companies and individuals that choose Windows deserve what they get. An inherently insecure operating system, which they have no control over.

      With a comment that stupid you have no place advising anyone on security. Security problems are primarily due to people. People who operate the systems, and people like *you* who believe security is the choice of a software program, or security is simply unplugging an Ethernet cable.

      The past few years has seen a huge rise in attack vectors and actual malware attacks on other platforms as those other platforms become profitable for people targeting them. We have seen large changes in attack vectors move from exploiting OS insecurity (which isn't very much so on an up to date patched system) to exploiting specific running applications which don't give a crap which OS they are on, or are exploited by the people using those applications.

      But I'm sure you think a 10 year old Linux machine with a long backlog of unpatched CVEs is secure too right? I mean that's what we're talking about. It's not like any of the major issues that have arisen in the past few years have impacted an up to date patched Windows machine within current support. There's a simple reason for that: Idiots like you advise others on security, #noexploitsonlinux. #whybotherupdating.

    30. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      I just checked the eula and there is no mission critical declaimer.

    31. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Please don't stir him.

    32. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      If the vendor offers no alternatives, how about telling them you'd like one? Unless they hear from people that there is a market for a port to a different OS, they won't make one. Have you done that? If not, why not?

      But if you think you REALLY have to use Windows, well, how about planning for the disaster that will happen sooner or later? Meaning Backup and quick Recovery, Security, people who know what they are doing... all that costs some money though. If you don't want to spend that money, you're playing the reverse lottery...

    33. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      Me too, thanks.

    34. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Anybody remember ravishingRed? No? Ahhh fuck it. **kicks rocks down the road**

    35. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Not exactly, no. MS doesn't have the largest share - only about 20%. The other 80% of computers run some sort of UNIX - which happens to be mostly Linux.

    36. Re: MS Users Deserve It by dougdonovan · · Score: 1

      gates did a good job but its 20 years past time for the corporate environments to get a clue and listen to their sysadmins when they say its time to update. then again, the corporate officers and stock holders could care less so......

    37. Re: MS Users Deserve It by Anonymous Coward · · Score: 0

      Fishermen? That's what I'd pick if I had the option.

      Fuck this industry man. It has gotten so out of control. I think the problem is it's growing way too fast to remain stable. Instead of fixing what we have, we just add on more bullshit.

      I liken it to the Chinese dynasty rule. China protected its borders and never tried to invade or really take over other lands. They believed china was the earth and heaven. So why go on conquest to bring in more people and land. Instead let's make what we have better. They protected their lands from the warlords to the Mongols and down to the Manchus. Being overrun only twice in all that time. Only to regroup and reclaim control. And I believe this is a big reason why the dynasties ruled over china for so long, from BC up until 1912 when Piyu abdicated his thrown. The world had just become too big and new ideas were spreading.

    38. Re:MS Users Deserve It by Dunbal · · Score: 1

      The manufacturer or installer, and Microsoft, exclude all implied warranties and conditions, including those of merchantability, fitness for a particular purpose, and non-infringement.

      you may not under this limited warranty, under any other part of this agreement, or under any theory recover any damages or other remedy, including lost profits or direct, consequential, special, indirect, or incidental damages. The damage exclusions and remedy limitations in this agreement apply even if repair, replacement or a refund does not fully compensate you for any losses, if the manufacturer or installer, or Microsoft, knew or should have known about the possibility of the damages, or if the remedy fails of its essential purpose.

      If your local law allows you to recover damages from the manufacturer or installer, or Microsoft, even though this agreement does not, you cannot recover more than you paid for the software (or up to $50 USD if you acquired the software for no charge).

      Learn to read. It says they're not responsible for anything at all and the most you can do is get your purchase price back. This is not "boilerplate", this is "we're selling you a license and it doesn't matter if it's a steaming turd that never actually works at all, you can't sue us." Go ahead and run your "mission critical" software on that.

      --
      Seven puppies were harmed during the making of this post.
    39. Re:MS Users Deserve It by Applehu+Akbar · · Score: 1

      "The reason that the Windows operating system is being targeted is that it is the gold standard for 90% of the worlds business computing needs."

      Actually, Windows is the peeling gilt standard that is being attacked because of its vulnerability.

    40. Re:MS Users Deserve It by unrtst · · Score: 1

      Sorry, but I'm grabbing a quote out of context from you, cause I've heard similar things said less clearly before. I think you stated this very well:

      the choice of the rest of society matters because that influences compatibility, amount of available software (and its price), and the pool of programmers and admins you can hire from. ... So we're saddled with an inferior OS which self-perpetuates via inertia and sunk costs...

      Very good software was written for multiple platforms back when there was a small fraction of the number of users. The huge growth in availability and use of computers should make it far easier to support development of software for a wide variety of OS's and platforms, through separate companies/products, or cross platform work, as well as direct competition within the same OS/platform. The latter can even be seen in the summary, where MEDoc, which is tax accounting software, was apparently the initial attack vector. There's tons of competition within the same OS/platform for the same market. It's very rare that there is some field that isn't well represented across multiple OS's. Where there is, it's often such a specialized product that support for it would likely be enough to easily fund a port to other OS's, or a complete redesign by a competitor.

      IE. that't not really true on this scale with respect to the top several OS's. If you're talking about BeOS or something more obscure, sure, the numbers can't easily support development of everything that exists for other mature OS's. But if you're talking Linux or MacOSX, the numbers are way larger than the entire industry from not that far back.

      That said, if one is arguing that they must have MS Office, and only MS Office will due, or they must have MSIE, and only MSIE will do, that's an entirely different position. There are perfectly good alternatives, but they've included the product name as part of the requirements. FWIW, I've been guilty of this WTR products like Apache HTTP Server - I just don't want to redo my configs and relearn things, but that doesn't mean other products aren't as good or better.

    41. Re:MS Users Deserve It by IWantMoreSpamPlease · · Score: 2

      Fair enough. Do, please, find me Open Source alternatives for the following software packages, so I can tell the laboratory I work for, to dump all Windows-only software, that has been certified that the results will hold up legally in court, and run this new stuff that you have found:
      https://products.appliedbiosys...

      ChemoView by AB Sciex
      NI Curl
      NI Dynamic Acquisition
      NI MetaSuite
      WinTox
      SmartCycler/LightCycler

      Most of these software packages run on multi-million dollar laboratory instruments, FYI. Some of them, *mandated* by the Federal gov't, ONLY run under WinXP SP1 (how's that for a gotcha?)

      As far as Linux goes, I stand corrected, someone else pointed out he must be a raving Linux fan as only they can be so blind as to think Linux solves all issues.

      So, do find me alternatives, and that's just for starters. Much of what we run is very specialized and.simply.doesn't.exist outside of the Windows environment.

      Step into the real world of business one day, you'll see what works, and what doesn't.
      (BTW, I'm working, in my own time, on RNNs through Ubuntu 16.04 LTS and CUDA supported nVidia cards. I am a Linux fan)

      --
      So rise up, all ye lost ones, as one, we'll claw the clouds.
    42. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      No more insecure than Linux. Hackers just don't target Linux cause consumers don't use it.

    43. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      > You say you're a linux fan, but I don't buy it.

      So there's a code of conduct now that "Linux fans" must adhere to? That certainly re-enforces the stereotype that the hardcore ones live within their own world...

    44. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      > It remains to be seen whether they did this INTENTIONALLY in collusion with the CIA/NSA,

      Nice to see the paranoid delusions that was so pervasive on /. so long ago is still alive and kickin'.

    45. Re:MS Users Deserve It by Agripa · · Score: 1

      Nice to see the paranoid delusions that was so pervasive on /. so long ago is still alive and kickin'.

      The various NSA and domestic law enforcement leaks over the past couple of years have only convinced me that I was not paranoid enough. They have been doing everything I seriously considered and more.

    46. Re:MS Users Deserve It by Anonymous Coward · · Score: 0

      I doubt it was for that, making an OS is a daunting process, more likely they got lazy with that and got busy with another thing, what is more probably is that they tell all the known faults to authorities.

  2. Microsoft's infection detecting other infections by JoeyRox · · Score: 4, Funny

    How Inception-like.

  3. Who owns this malware ridden OS? by Anonymous Coward · · Score: 2, Interesting

    Since we don't 'own' the OS anymore, but simply license it for our use, doesn't that put the responsibility of a malware infection squarely on the 'owner' of the OS?

    1. Re:Who owns this malware ridden OS? by Kierthos · · Score: 1

      I'm sure that with Microsoft's Army of Lawyers(tm), they've got some weasel language in the Terms of Service that either absolve them of responsibility, or shove it onto users who don't properly patch their machines.

      Even if they don't, good luck with that lawsuit. (Refer again to the Army of Lawyers(tm)).

      --
      Mr. Hu is not a ninja.
    2. Re:Who owns this malware ridden OS? by Waffle+Iron · · Score: 1

      The "owner" only allows you to use the software if you agree to their terms, which make it abundantly clear that they have absolutely no responsibility for anything at all.

  4. I've heard this one before... by puddingebola · · Score: 1

    It's seems like companies would search for other software to avoid these endlessly recurring ransomware/spyware/malware infections, but after 15 years of them it doesn't appear to be the case. This is normal and accepted.

    1. Re:I've heard this one before... by Anonymous Coward · · Score: 0

      More like 30 years.

    2. Re:I've heard this one before... by Z00L00K · · Score: 1

      MS-DOS appeared 35 years ago.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  5. Telemetry by ichthus · · Score: 4, Funny

    Welp, I guess that's one good use for Microsoft's spyware *cough* d'ah I mean, telemetry. Now they can see how many of their customers' systems are infected with malware in real time. Sure, if you can't secure the OS, why not then grab a bucket of popcorn and enjoy the fun?

    --
    sig: sauer
    1. Re:Telemetry by Big+Hairy+Ian · · Score: 4, Interesting

      I think the interesting thing here is even 15 year old unsupported M$ OSs are bleeding telemetry.

      --

      Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    2. Re:Telemetry by subanark · · Score: 1

      Microsoft came to the realization that building an impenetrable system for common use is impossible and attempting it will just make it unusable. So instead they focus on reactive solutions. I have a secure laptop at work with a white list of programs and websites I can visit I only use it if I need to preform a secure operation though. Even then this isn't a perfect solution and nothing is.

    3. Re:Telemetry by infolation · · Score: 2

      If they spent less time building telemetry into their systems to check how malware-infested they are, and more time actually securing their systems against the malware, they'd have less of this damn ransomware nonsense.

    4. Re:Telemetry by chispito · · Score: 1

      Welp, I guess that's one good use for Microsoft's spyware *cough* d'ah I mean, telemetry. Now they can see how many of their customers' systems are infected with malware in real time. Sure, if you can't secure the OS, why not then grab a bucket of popcorn and enjoy the fun?

      It doesn't take a genius to figure out Windows Defender is how they get information on infections. Or maybe around here it does.

      --
      The Daddy casts sleep on the Baby. The Baby resists!
    5. Re:Telemetry by ichthus · · Score: 1

      So, Windows Defender can detect and report infections, but not Defend against them? So then, it should be called Windows Infection Reporter, instead of Defender.

      --
      sig: sauer
    6. Re:Telemetry by Anonymous Coward · · Score: 0

      And I thought it would be the LACK of telemetry though would be the sight of thousands of PCs being suddenly silenced at once.

    7. Re:Telemetry by Solandri · · Score: 1

      If the telemetry can detect it, why can't they put out an emergency patch to stop it the moment it's detected?

    8. Re:Telemetry by chispito · · Score: 1

      So, Windows Defender can detect and report infections, but not Defend against them? So then, it should be called Windows Infection Reporter, instead of Defender.

      You know, based on the wording, that is hard to argue. Maybe I'm wrong and they actually are using the built in "telemetry" in Win10 to report on indicators of compromise.

      It doesn't really make sense though as the malware doesn't just encrypt your data, it reboots your computer to a lock screen. So either the malware was indeed blocked, or they were able to extract the necessary telemetry in the one hour before the machines restarted.

      --
      The Daddy casts sleep on the Baby. The Baby resists!
    9. Re:Telemetry by Anonymous Coward · · Score: 0

      Blame Microsoft. They're doing shit all the time.

    10. Re:Telemetry by subanark · · Score: 1

      Telemetry doesn't detect it. People who analyze the telemetry do. E.g. if Microsoft sends back thumbprints of programs you run, then they can later match those thumbprints against found malware. By the time they add a virus definition to stop it it is too late.

  6. Just like the commercial by Anonymous Coward · · Score: 1

    "Oh I'm not a malware protection application, I'm just a malware monitor. You've been infected."

    (commercial on TV in the USA, at least)

  7. Act of war by PopeRatzo · · Score: 0

    Let's not bullshit or pretend that being "techie" makes it somehow better. Malware = terrorism. And yes, that swings both ways.

    --
    You are welcome on my lawn.
    1. Re:Act of war by Big+Hairy+Ian · · Score: 4, Insightful

      Let's not bullshit or pretend that being "techie" makes it somehow better. Malware = terrorism. And yes, that swings both ways.

      Actually Malware = Extortion in this instance

      --

      Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    2. Re:Act of war by Anonymous Coward · · Score: 0

      Let's not bullshit or pretend that being "techie" makes it somehow better. Malware = terrorism. And yes, that swings both ways.

      Actually Malware = Extortion in this instance

      Nothing on the internet is serious, I turned mine off and the "terrorism" stopped. Stop relying on computers to run the world or your life, that's retarded - the future is analog!

    3. Re:Act of war by WaffleMonster · · Score: 3, Insightful

      Let's not bullshit or pretend that being "techie" makes it somehow better. Malware = terrorism. And yes, that swings both ways.

      Behind every act of terrorism there is political demands to enforce rules backed by threat of violence from an external entity challenging a states monopoly on violence.

      Malware is generally just another criminal commercial money making enterprise. Whether it's a group of poor Canadian crackers looking to enrich themselves or multi-national corporations (e.g. Microsoft) profiting off distribution of malware.. it may be illegal or immoral yet without the political demands it is not terrorism.

    4. Re:Act of war by PopeRatzo · · Score: 1

      Behind every act of terrorism there is political demands to enforce rules backed by threat of violence from an external entity

      When health care systems or infrastructure or the financial system are targeted, yeah it's terrorism.

      Either way, purveyors of malware should be considered combatants, and treated accordingly. I see zero reason to give them the benefit of understanding. That includes Microsoft, who should face the corporate equivalent of being considered a combatant and broken up via anti-trust laws.

      --
      You are welcome on my lawn.
    5. Re:Act of war by ChunderDownunder · · Score: 1

      Perhaps both?

      My local tv news suggested the Ransomware concentrated largely on Ukraine - suggesting an agenda beyond the financial.

  8. Cyber Police! by Anonymous Coward · · Score: 0

    cyber
    cyber
    cyber
    woohoo!

    1. Re:Cyber Police! by GameboyRMH · · Score: 1

      So in Ukraine, you CAN actually report someone to the Cyber Police! XD

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
  9. infected by roc97007 · · Score: 4, Funny

    Yeah, I know, my machine got infected. I know 'cuz I got a call just the other day from a very helpful person. "Hello, I'm from The Microsoft, ok? I'm calling you about your computer, ok? Your computer is infested with the viruses, ok?" He helped me straighten it out. Cost me $300 and my machine runs a little slower now, but I'm sure it was worth it.

    --
    Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
  10. Independant updaters. by Gravis+Zero · · Score: 1

    What this proves is what people have been saying about updaters that come packaged with many applications: they are not secure. Updates need to be done using signed binaries, not simply signed executables. Signed executables on are nice but completely worthless if they are entirely optional. Also, actually checking the signature is a key element to the whole system which is oddly omitted on occasion.

    A standardized system for applications to actually do software updates using the Windows Update system (and their secured servers) would be helpful to everyone. It's disappointing that MS doesn't make it a service for developers to buy into.

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:Independant updaters. by jader3rd · · Score: 1

      It's disappointing that MS doesn't make it a service for developers to buy into.

      Haven't you ever seen updates for non-MS software in Windows Update? I know that I do occasionally. It's not uncommon to see on Slashdot, someone complaining about software for device drivers being delivered via Windows Update, and they wish that they had a way to block it. The issue is that Microsoft knows that any updates coming through Windows Update, are attached to their name. So if there's something wrong with the update the average user is going to blame Microsoft, not the company who authored the update. As a result, any update pushed through Windows Update has to pass a gauntlet of tests. Most developers find this to be very annoying, and don't want to deal with it. That and I'm pretty sure there's a cost for every execution of the gauntlet.

  11. Put Open Source Developers in Jail by Anonymous Coward · · Score: 0

    For introducing security vulnerabilities in every single Linux release. I mean how much more incompetent can you get? Every linux release has root exploits.

  12. Telemetry efficiency by Anonymous Coward · · Score: 0

    Looks again that MS is more efficient spying(telemetry?) their customers than protecting them.

  13. mirror labyrinth by Anonymous Coward · · Score: 0

    oh wow. feelers into everything, including into "malfunctioning" computers...erm... this doesn't sound right, right?
    people looking at this telemetry data must be stone hearted psychopaths, to not instantly feel utterly sick to the stomach.
    i mean. before it was "kindda" invisible, the reports came from "outside", from users, labs, companies that are on the lookout for stuff like this;
    but now, they get, real live direct reports of their incompetence.

  14. Yet another reason... by LVSlushdat · · Score: 1

    Yet ANOTHER reason for those of us who have quit using Windows and switched to Linux have reason to rejoice...

    --
    THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
  15. Mondelez by Anonymous Coward · · Score: 0

    Sorry, but Mondelez is NOT an American food company. Its main headquarters is in Bremen, Germany. Please check your facts.

  16. The real title by martin_dk · · Score: 1

    Petya's Telemetry shows Microsoft infections in 196 Countries Around the World

  17. WoW - I can't believe I'm saying this, but... apk by Anonymous Coward · · Score: 0

    See subject: THIS is actually a USEFUL FEATURE of MS' Telemetry (though I wish they'd fess up on ALL they send)!

    * So I guess the old adage of "look @ the 'bright-side'" applies - make some GOOD out of 'the bad' etc. - et al...

    ( REPOSTING THIS to spite the PITIFUL FUCK who's downmod bombing me (because I can & the fool can blow those downmodpoints all day long - I'll run the pisspot dry of them so others don't endure their puny bullshit https://tech.slashdot.org/comments.pl?sid=10798087&cid=54704807/ )

    APK

    P.S.=> No fan of telemetry here & yes, I removed it + filtered vs. it in Win7 (& I can't stand Win10 personally) in the OS itself & firewalls + routers (yes, hosts too, though it doesn't matter here)... apk