Slashdot Mirror


User: Bert64

Bert64's activity in the archive.

Stories: 0 · Comments: 12,200

Comments · 12,200

  1. But we don't know how the Petya authors would respond upon receiving a ransom payment. Maybe they would unlock the files but we won't be able to find out now.

    It's actually in their interest to unlock files upon receipt of the ransom, as that will increase the chances of any future victims paying too. If files never get unlocked then users won't even consider payment.

  2. All it does is further punish those who want to retrieve their files (assuming the ransomware creator would actually honor the payment, of which there is no guarantee)...

    Future malware creators will just use a different email provider or some other method of communication, they won't be deterred from their activities in the slightest.

  3. As with all things it depends on use cases, I'm often on slow and/or metered connections but just as often on fast connections, so disk caching often does make sense. Plus I often run other things than just a browser, so I don't want all my RAM occupied by cache.

  4. At least you have choices...
    Chromium is open source, and de-googled versions are available. And there's always Firefox.
    Apple also don't seem to be so interested in collecting user data as MS and Google, and there's also Opera.

  5. Yeah I have the same problem these days, I can't stand the prevalence of videos especially ones which provide instructions on technical subjects... I'm often on a slow or metered connection, and often the instructions are based around something textual (e.g. typing commands) which I would much prefer to cut+paste than try to read/listen from a video... The video may be compressed heavily (only way to make it playable on a poor connection) making text unreadable, and the accent might be hard to understand. Textual commands have no misunderstanding, and no human error if you cut+paste.

  6. Not in cases where MS actually pays people to use their products (which has happened in quite a few places in order to prevent high profile customers moving to Linux)

  7. Most embedded systems have only one rendering engine, it would be a waste of resources to have several running at once and a lot of extra work to make the API modular so it could be swapped out (not to mention the inevitable incompatibilities if the replacement engines differed slightly).

  8. Re:Because Putin has the right idea on Why So Many Top Hackers Come From Russia (krebsonsecurity.com) · · Score: 0

    It's not the minority of transsexuals that are the problem, it's the massive amount of man hours and resources wasted catering to every special interest group that cause a big fuss about minor things, not to mention the huge risk of lawsuits resulting in huge wasting of resources.

    While Russians are busy hacking, Americans are busy scheduling committees to decide on what gender options should be available on a signup form.

  9. Re:Reminds me ... on 32TB of Windows 10 Internal Builds, Core Source Code Leak Online (theregister.co.uk) · · Score: 3, Informative

    Then you should have redesigned the network such that the printers were not directly accessible to users, and they had to funnel data through a central print server which *does* log what was printed and by whom. Aside from the reason given (likely a severe violation of the company code of conduct), you get other benefits too like keeping (usually horrendously insecure) printers away from the user network, being able to tell who's printing copies of company data that might have leaked out, and keeping track of how much is being printed.

  10. Re: Oh no, security problems might be found! on 32TB of Windows 10 Internal Builds, Core Source Code Leak Online (theregister.co.uk) · · Score: 3, Insightful

    "Many eyes makes bugs shallow" is not so much the point...
    Rather it is having a level playing field for everyone, anyone can see the code, good and bad guys alike.

    With closed source *you* probably don't have the code and white hat security researchers probably don't have the code, but you have no idea who else (NSA and similar agencies, criminals etc) does. Chances are with closed source those who do have the code are more likely to have hostile motives.

  11. Wasteful packaging on Top UK Supermarket Laser Prints Labels On Avocados To Reduce Waste (telegraph.co.uk) · · Score: 2

    Some packaging is way over the top, and the vast majority of household waste at least for me is in the form of packaging...
    Virtually no packaging can be reused, not much biodegrades and only some can be recycled through an energy intensive process of melting it all down again.

  12. Re:Banks are the major clients of Nayana it seems on South Korean Web Hosting Provider Pays $1 Million In Ransomware Demand (bleepingcomputer.com) · · Score: 1

    If they want to backdoor your database, they had the access to do so without drawing attention to their presence by demanding a ransom...

  13. Re:Well look who just went out of business! on South Korean Web Hosting Provider Pays $1 Million In Ransomware Demand (bleepingcomputer.com) · · Score: 1

    You don't "give" your wallet to a mugger, the mugger takes it from you forcibly. Even if you physically hand it over, you have done so under duress during the act of being mugged.

  14. Re:WTF --- So, no backups, at all? on South Korean Web Hosting Provider Pays $1 Million In Ransomware Demand (bleepingcomputer.com) · · Score: 1

    Depends what kind of service the customers bought and how much they paid for it.
    Unless the hosting provider guaranteed uptime or offered backups as part of the service, they can just say "catastrophic data loss, here's a new blank VM" and that's it. No different to if the building burned down or whatever.

    Also, perhaps they were doing backups, but did so to an online target that also got hit by the ransomware? It's not uncommon for backups to be performed to online storage like this, as people usually think of backups as a way to mitigate hardware failure and don't plan for things like intentional destruction of data.

  15. Doing business with known criminals on Is Coinbase Closing Accounts For Paying Ransoms With Bitcoins? (coindesk.com) · · Score: 2

    In some jurisdictions it is illegal to knowingly do business with criminals... By giving criminals money you are encouraging further crime by demonstrating that crime does pay, and many police forces will come down pretty hard on this.

    Obtaining documents that you believe may have been illegally obtained from your clients is also questionably legal, you are collecting evidence which is the job of law enforcement, and there is also the chance that those aren't your clients' documents and you're obtaining something totally illegal.

  16. Re:Password and full image backups on Ask Slashdot: How Do You Prepare For The Theft Of Your PC? · · Score: 4, Interesting

    This...

    Insurance will cover the cost of replacing the hardware, backups take care of recovering the data, just make sure the backups don't get stolen/destroyed with the machine.

    If the thief can't power the machine on due to a password they will either throw it away, or sell it cheap to someone more capable of dealing with it who will either wipe the data and install fresh or just sell the individual components.

  17. Re:Microsoft kills what made it great on Microsoft Will Disable WannaCry Attack Vector SMBv1 Starting This Fall (bleepingcomputer.com) · · Score: 2

    SCSI scanners actually use a standard protocol and shouldn't need drivers...

  18. You assume that they need to break the encryption...
    They could attempt to hack the VPN provider, clearly they have access to plenty of undisclosed vulnerabilities and have skilled people working for them so this isn't outside the realms of possibility.
    If the VPN provider is under their jurisdiction, or that of their allies, they could demand access.
    They could demand access to payment details for the VPN provider, and correlate this data with others to build up profiles of people's identities.
    Plenty of attacks are possible...

  19. In an ideal world no one would do it, but if everyone else is doing it then you have to do so too or else you fall behind.

  20. Re:Thanks wikileaks you are really helping on CIA Created 'CherryBlossom' Toolkit For Hacking Hundreds of Routers Models (bleepingcomputer.com) · · Score: 1

    While everyone collaborating on a single open source firmware may make sense in many ways there are still problems with this approach...

    Some will contribute a lot while others will just leech off the community, this may anger those who do contribute and discourage them from doing so.
    Inevitably there will be disagreements and you'll end up with incompatible forks.
    Some vendors will introduce vulnerabilities not present in the core code, or produce devices which never get updated etc and damage the reputation of the underlying platform.
    Other vendors will still produce their own proprietary firmwares but start advertising them as "secure" because they don't have as many vulnerabilities found as the dominant platform - either because their code really is better written, or more likely because it's so niche that few people bother looking for holes.
    If everyone runs the same software you get a monoculture, while there may be fewer vulnerabilities found each one will be far more severe due to the much larger number of affected users. No software will ever be perfect, so inevitably some holes will still be found.
    The software will end up bloated trying to serve everyone's needs, and do so badly.

  21. Re: Thanks wikileaks you are really helping on CIA Created 'CherryBlossom' Toolkit For Hacking Hundreds of Routers Models (bleepingcomputer.com) · · Score: 1, Insightful

    If you play by the rules but your adversaries don't, then you are at a disadvantage...

    Yes the NSA/CIA have 0day exploits, but so do the intelligence agencies of Russia, China, Israel, North Korea etc, and so do organised criminals. If the NSA gave up theirs, that would just make it easier for the others.

    Also likely these tools leaked quite some time ago, and 802.11ac wasn't around yet. But even if such versions aren't listed, that doesn't mean the vulnerabilities aren't still present. If they weren't previously disclosed then the vendors are unlikely to have fixed them and the newer versions will often reuse a lot of the same code.

  22. Re:The funds could be used to fund terrorists on Japan Passes Controversial 'Anti-Conspiracy' Bill (privateinternetaccess.com) · · Score: 5, Insightful

    In fact anyone selling music *could* be using it to fund terrorism...
    Therefore the only option is to download it for free, as no money is made there is no chance of any money being made by terrorists.

  23. Re:Not a valid reason on Green Party Leaders Don't Want Windows In Munich (techrepublic.com) · · Score: 2

    No but diversity is a good defence...
    If everyone runs the same thing then everyone has the same vulnerabilities, if there are a variety of different systems out there it becomes much harder to attack.

  24. Re:Hardware support on Green Party Leaders Don't Want Windows In Munich (techrepublic.com) · · Score: 1

    You don't even buy "new" hardware to run corporate desktops...

    Gamers and other niche users buy new hardware and pay a premium for it. Corporate desktops run on older generation hardware without paying the early adopter premium.

  25. Re:What is their issue? on Green Party Leaders Don't Want Windows In Munich (techrepublic.com) · · Score: 2

    Competent admin support for Windows is as rare and expensive as Linux admin support, the difference is that there is a lot lower availability of cheap and incompetent support staff (generally because such inexperienced people have never even heard of Linux).
    But the end result of using such cheap staff is not good, you will end up with severe security and stability problems.