The last thing you want is to be sitting in a deposition while opposing council tries to dissect your intonations and try and determine the definition of what "is" is
The flip-side is that you don't want opposing council to have copies of cherry-picked email that their client kept that makes you look bad and not be able to produce the emails that put those cherry-picked emails in the proper context, one that proves the complaint against you is bogus.
The bottom line: If you retain stuff, you may be screwed, if you don't, you may be screwed.
The lesson is always assume whatever you put in a computer will eventually become public.
I think it will be quite useful if my entire life, from birth to death, became public 100 generations (or 2000 years, whichever comes later) after I die. Apply that to a representative sample of every culture that ever lived or will live and it would be a boon to anthropologists 2000 years from now.
However, once you start talking about making my life public within a few generations of living memory, or worse, within living memory, that could get dicey and cause real harm to specific people who are still alive ("your great-great-great-great-great-great-grandfather screwed my ancestor out of a plot of land, I'm going to kill you and all of your relatives" kind of thing).
In cases where knowing my life 2000 years from now is likely to cause or inflame ancient-but-still-living hatreds (think: some of the conflicts in and around the location of the modern state of Israel), push the date back further until this is no longer an issue. In other words, 2000 years/100 generations may be too short of a time before my life can be made public without hurting people.
It wouldn't have occurred to you to check if a thing is legal if you didn't know that it was unethical, otherwise you would have just thought that it was obvious that it was OK.
Um. Nope.
There are plenty of things that are ethical and even commendable on their face but due to a law, contract, or some other thing that you, the employee or manager, don't know about, it may be illegal or violate a contract if you do it.
In a well-run company, upper management will tell everyone the broad areas that must be run through legal/finance/upper management for approval, and make sure the approving departments/managers have all the information they need to make quick, correct decisions on almost all cases. In a very-well-run company there may even be do-it-yourself pre-screening checklists, so if the "broad area" is "doing business with a foreign country or foreign national who isn't also a US citizen or permanent resident" the checklist can give the employee a quick "it's okay/it's not okay/ask legal" answer.
A common answer to the question "why do you/your company do something that seems so utterly stupid" is "because our insurance company/contracts/applicable laws make us do it and/or our lawyers tell us that it's better if we do it that way."
I've worked for companies that had short data-retention policies. I'm going to go out on a limb and say that most rank-and-file employees whose productivity depended on holding on to old data probably found some way to do so. Maybe they printed out all emails except the obviously ephemeral. Maybe they exported them. Maybe they bulk-forwarded them to themselves every 89 days. Maybe they [insert other easy solution that worked for them]. You get the idea.
As others have already alluded to, you are screwed if you retain and screwed if you don't.
If you retain data "forever" then you can be subpoenaed "forever."
If you destroy documents or entire categories of documents on a regular schedule and you are sued or prosecuted for crimes that have very-long statutes of limitations (certain tax frauds, for example), you won't have documents that exonerate you.
If you cherry-pick which documents to destroy, or destroy them (other than on a longstanding destruction schedule) shortly before a prosecution or lawsuit, you'll be accused of deliberately destroying evidence.
If Obama, or for that matter any leader at a time when Presidential and Congressional approval ratings are in the basement, were smart, he would
* sit down behind closed doors with leaders of both parties and major caucuses * get a list of general things almost everyone agrees should pass in some form and for which a consensus bill can probably be reached * quickly negotiate a broad "consensus bill" for everything in the above list * quickly get the bills pushed through both houses of Congress, giving the small-minority voices that are against the bills or which favor won't-pass amendments a chance to speak and be heard. * hold bipartisan signing ceremonies * ??? * PROFIT in higher approval ratings for both the White House and Congress
Okay, I was kidding about the ???/PROFIT part but those inside the beltway really do need to realize there is a lot that they do agree on and they and America are better off getting the things that need to get done done rather than sticking to their guns just to spite the other party.
how do you know the factory-reset hasn't been tampered with?
Because if it could be tampered with, then it wouldn't be a factory-reset procedure, at least not in the sense that I'm talking about.
Go back to my original comment and look for the word "immutable". I used it several times. If the "factory reset" signal is present (e.g. a jumper pin is set or a button is depressed during power-on) then the first code that gets executed is the "firmware-loading firmware" which was factory-installed and non-overwriteable. This code wipes out the existing "real firmware" and over-writes it with a known-good factory-installed non-overwritable "factory reset backup firmware copy" or, if the manufacturer was short on space to store an extra copy of the firmware, it over-writes it with code found at a factory-determined location that is under the user's control (the modern equivalent of "X bytes starting at sector 0 of floppy disk A").
Suppose an evil user installs bad firmware using the factory reset procedure. Fine. Now the next user repeats the factory-reset procedure and overwrites the evil firmware with firmware that he (the current user) trusts and all is well.
Oh, and if the buyer can't trust the vendor to provide non-harmful "firmware-loading firmware" and a good path to get his preferred version of the firmware installed (either directly through a factory reset or from a factory reset followed by a normal firmware update) then he's buying from the wrong vendor.
The purpose of a factory reset is not to give 100% protection. It is not to mitigate all of the damage caused by the attack. It is to provide a way to rescue the hardware once the threat has been identified and means of re-infection have been gotten rid of. In other words, it's to save the cost of buying replacement hardware for a box that would otherwise be deemed "never to be trusted again."
Here are two examples:
1) A rouge employee tampers with a USB/Firewire/Thunderbolt device and uses that to infect Macs (or PCs, or phones, or whatever). The employee is discovered and shown the door and all potentially-infectious devices which cannot be factory-reset have been destroyed or removed from use. Those which can be factory-reset are reset and updated from known-good sources.
2) I buy a used piece of equipment. I want to know with certainty that there is no malware on it. I do a factory-reset and update it from known-good sources.
Also, the concept of a factory-reset is not specific to recovering from against hardware/peripheral-based attacks. It also helps recover from software-based attacks (including remote attacks) that take advantage of bugs to replace the "main" firmware with their own. In this case, the recovery is a two-step process: * Do a factory reset * Update to a version of the "real" firmware that does not have any known exploits It also has the limitation that it does not protect against exploits (including remote exploits) that will be discovered in the future.
Actually, it would be worse: the attacker could factory-reset your machine and then apply the attack, making any applied patches useless.
1) The attacker would have to have physical access to the device to do the factory reset. Either that or trick the user into getting out the screwdriver.
2) Applying a subsequent factory-reset would remove any malware installed by the attacker. Data loss would result, but at least you wouldn't have a permanently-compromised machine.
At this point, it becomes an economic issue, not a technical issue.
Compare two cases: You buy/rent a big mainframe with a long-term support contract. 5 years in, the vendor has economic trouble and files for bankruptcy. The bankruptcy court lets the vendor give 2 years' notice before canceling long-term support contracts. The vendor notifies you that in 2 years, it will cancel the affordable support contract and offer you a "take it or leave it" mega-expensive contract (they hope you will say "no"). Except for the money, you are happy with the product and you know that if you say "yes" you will get good service and support.
Case two: You contract to buy/rent a big mainframe with a long-term support contract. When that support contract is up 10 years later, they raise the rate significantly for a 10-year renewal. 8 years into the renewal, they notify you that the next renewal will be at a mega-expensive level (they hope you'll say "no"). Except for the money, you are happy with the product and you know that if you say "yes" you will get good service and support.
In neither case does the "renew/not renew" decision rest on technical merits. In both cases, it's a pure economic decision: Is it cheaper for us to renew or to replace?
This should be a no-brainer. Except for special-case customers who specifically do NOT want the ability to do a factory reset, all hardware should come with a factory reset procedure that any end user can do.
What would this entail?
* An immutable "firmware-loading firmware" that does nothing but check for a "factory reset" signal. If the signal is absent, load the "real firmware" from its usual location and execute it. If it is present, wipe all non-immutable storage (or wipe their decryption keys) and load (and possibly authenticate) an immutable "factory reset backup firmware copy" from a pre-defined immutable location and store it to the location where the "real firmware" is stored, then proceed to as if the "factory reset" signal was absent and load the just-replaced "real firmware" and execute it. * Consumer-friendly instructions on how to set the "factory reset" signal. For example: -- "Remove the screws covering the back of your phone, look for the orange dot in the lower-left corner, hold down the switch while simultaneously holding down the phone's power button, then release. Within 10 seconds you will hear 5 evenly-spaced beeps. If you do not hear 5 evenly-spaced beeps, repeat the previous step. Once you hear 5 beeps wait 5 seconds. The phone will power off. Reassemble the phone."
For leased devices, this might also entail breaking a tamper-evident seal, the breaking of which by the consumer might violate the lease contract.
If it's not broken, it gets the job done, it's vendor-supported, and you don't expect that support to end in the foreseeable future, then I don't see the problem.
Age alone is not any reason to declare technology obsolete.
Here's a common example: Stores still sell 4-function calculators for $5 or less. As far as the user is concerned, they are less-expensive versions of the same calculators you could buy from the mid-1980s on, and thinner-and-cheaper-with-LCD-and-button-battery versions of the kind you could buy in the 1970s. In other words, if you still have a 1985 four-function calculator and it's still working, it still meets your needs, and you can still get batteries for it, there's no reason to throw it out.
Heck, even the lowly manual typewriter is still better than a pencil, pen, electric typewriter, or computer+word processor+printer in certain situations. In others, the best choice is a pen or pencil.
If every newspaper in France were to re-print some of the more controversial cartoons form Charlie Hebdo, or offer to print and distribute next week's issue as a special insert, it would send a strong message to terrorists that the "Streisand Effect" is real.
I've already seen one mainstream American daily run a bunch of Charlie Hebdo cartoons in its online edition, including some depicting Mohammad (yes, THAT Mohammad). Without the mass murder, a lot fewer people would've seen that image.
From the FDA website: (Among other things) A medical device is "intended to affect the structure or any function of the body of man or other animals, and which does not achieve any of its primary intended purposes through chemical action within or on the body of man or other animals and which is not dependent upon being metabolized for the achievement of any of its primary intended purposes."
At first glance, most winter-wear clothing, the ropes used in 3-legged races, and even police handcuffs fall into this category.
* Winter-wear clothing - it is intended to trap heat, thereby affecting the structure and function of the skin and the body's heat-regulating mechanism.
* Ropes and handcuffs - are intended to temporarily limit or alter the effects of using ones muscles.
So, would the FDA claim that it has the right to regulate these things, even if it chooses not to do so today?
There is a place in research labs for "true" virtualization/emulation, where a particular hardware environment is virtualized/emulated right down to the timing characteristics of the hardware it's pretending to be.
But randsomware authors are not interested at that. As in previous story they do price gouging how much you are willing to pay. As they won't get penny from vm they do not bother with these.
One purpose for research-lab "true" visualizations is to be successful honey-pots, allowing malware to be studied in a captive environment without giving away the fact that it's a captive environment.
Cryptowall specifically overwrites all shadow copies of files.
You missed my point. I was talking about a case where a user's desktop is infected but the user has a network share from a Windows Server mounted, and where the backup files are stored on that share.
Because it lacks administrative rights to the server, the infected desktop cannot directly erase the shadow copies on the server.
Assuming a Windows shop with a Windows server holding the online backups, the worst that any client-side app can do is corrupt the current version of the networked backup. It can't delete the shadow copies. Oh, I suppose it could try to fill up the disk so the earlier non-corrupted shadow copies get purged, but it can't outright delete them unless it infects the server first (or otherwise gets admin access to the server).
It also can't touch existing tape or other offline sever backups from an infected desktop/laptop.
In other words, if the server is being managed well, the worst that malware on an end-user device can do is obliterate anything that hasn't made its way to an offline backup, and it will be very difficult to obliterate server-side shadow copies.
There is a place in research labs for "true" virtualization/emulation, where a particular hardware environment is virtualized/emulated right down to the timing characteristics of the hardware it's pretending to be.
Obviously you can't do this with stock hardware - you'll probably have to use supercomputer-type hardware and do large chunks of it in an emulator but in principle and maybe in practice we should able to emulate at least a few mid-2000s motherboard/CPU/typical-other-hardware setups well enough to fool any software running on them.
The hard part will be doing all of the timing right while running the emulated clock at real-time speed rather than some slowed-down or other fake-time speed. If the timing isn't precisely right, when the evil software connects to its C&C and checks the "real world clock" it will know something is fishy if the emulation environment's clock isn't running at real time.
As a society, we need to know the true costs of using our technology. This means we need to know under what conditions, if any, hydrolic fracturing causes earthquakes.
Fracking also provides many benefits. First and foremost it's given us energy near-independence decades sooner than other methods would have. This has potential spillover effects in foreign policy, particularly when it comes to dealing with other oil-rich nations. For example, if there had been a revolution in Saudi Arabia that threatened the oil supply in the 1990s, America would've probably jumped into the war. If it happens in the 2020s, America may be able to say "meh" without taking any hit at the gas pump.
Once we know what the true costs of fracking are, we may very well decide that it's worth the cost.
We've faced the same "we didn't know that the true costs were high, but now that we do, we still use our tech" decisions in the past. Using narcotics as pain relievers. Check. Using whale oil. Check. Using fossil fuels. Check. We aren't nearly as cavalier about using narcotics or fossil fuels as we once were, and for all practical purposes we stopped using whale oil ages ago. As for fracking, once we learn more we can make a more informed decision as to whether "it's worth it" or not.
Analog may or may not be better than a very good digital file, but enough audiophiles with money to burn think it does, so if you are going after the "audiophile" market, that's what you should aim for.
Now, how do we fit studio-quality analog tapes and a near-perfect player with excellent earbuds in a lightweight portable package with 33 hours of battery life?
Slashdot Mirror
The last thing you want is to be sitting in a deposition while opposing council tries to dissect your intonations and try and determine the definition of what "is" is
The flip-side is that you don't want opposing council to have copies of cherry-picked email that their client kept that makes you look bad and not be able to produce the emails that put those cherry-picked emails in the proper context, one that proves the complaint against you is bogus.
The bottom line: If you retain stuff, you may be screwed, if you don't, you may be screwed.
The lesson is always assume whatever you put in a computer will eventually become public.
I think it will be quite useful if my entire life, from birth to death, became public 100 generations (or 2000 years, whichever comes later) after I die. Apply that to a representative sample of every culture that ever lived or will live and it would be a boon to anthropologists 2000 years from now.
However, once you start talking about making my life public within a few generations of living memory, or worse, within living memory, that could get dicey and cause real harm to specific people who are still alive ("your great-great-great-great-great-great-grandfather screwed my ancestor out of a plot of land, I'm going to kill you and all of your relatives" kind of thing).
In cases where knowing my life 2000 years from now is likely to cause or inflame ancient-but-still-living hatreds (think: some of the conflicts in and around the location of the modern state of Israel), push the date back further until this is no longer an issue. In other words, 2000 years/100 generations may be too short of a time before my life can be made public without hurting people.
Were they sensible or was there a lot of "this seems stupid, but it's policy so we'll follow it" going on?
It wouldn't have occurred to you to check if a thing is legal if you didn't know that it was unethical, otherwise you would have just thought that it was obvious that it was OK.
Um. Nope.
There are plenty of things that are ethical and even commendable on their face but due to a law, contract, or some other thing that you, the employee or manager, don't know about, it may be illegal or violate a contract if you do it.
In a well-run company, upper management will tell everyone the broad areas that must be run through legal/finance/upper management for approval, and make sure the approving departments/managers have all the information they need to make quick, correct decisions on almost all cases. In a very-well-run company there may even be do-it-yourself pre-screening checklists, so if the "broad area" is "doing business with a foreign country or foreign national who isn't also a US citizen or permanent resident" the checklist can give the employee a quick "it's okay/it's not okay/ask legal" answer.
A common answer to the question "why do you/your company do something that seems so utterly stupid" is "because our insurance company/contracts/applicable laws make us do it and/or our lawyers tell us that it's better if we do it that way."
I've worked for companies that had short data-retention policies. I'm going to go out on a limb and say that most rank-and-file employees whose productivity depended on holding on to old data probably found some way to do so. Maybe they printed out all emails except the obviously ephemeral. Maybe they exported them. Maybe they bulk-forwarded them to themselves every 89 days. Maybe they [insert other easy solution that worked for them]. You get the idea.
As others have already alluded to, you are screwed if you retain and screwed if you don't.
If you retain data "forever" then you can be subpoenaed "forever."
If you destroy documents or entire categories of documents on a regular schedule and you are sued or prosecuted for crimes that have very-long statutes of limitations (certain tax frauds, for example), you won't have documents that exonerate you.
If you cherry-pick which documents to destroy, or destroy them (other than on a longstanding destruction schedule) shortly before a prosecution or lawsuit, you'll be accused of deliberately destroying evidence.
I'm sure they are hoping this will push people into Microsoft-branded cloud services.
If Obama, or for that matter any leader at a time when Presidential and Congressional approval ratings are in the basement, were smart, he would
* sit down behind closed doors with leaders of both parties and major caucuses
* get a list of general things almost everyone agrees should pass in some form and for which a consensus bill can probably be reached
* quickly negotiate a broad "consensus bill" for everything in the above list
* quickly get the bills pushed through both houses of Congress, giving the small-minority voices that are against the bills or which favor won't-pass amendments a chance to speak and be heard.
* hold bipartisan signing ceremonies
* ???
* PROFIT in higher approval ratings for both the White House and Congress
Okay, I was kidding about the ???/PROFIT part but those inside the beltway really do need to realize there is a lot that they do agree on and they and America are better off getting the things that need to get done done rather than sticking to their guns just to spite the other party.
how do you know the factory-reset hasn't been tampered with?
Because if it could be tampered with, then it wouldn't be a factory-reset procedure, at least not in the sense that I'm talking about.
Go back to my original comment and look for the word "immutable". I used it several times. If the "factory reset" signal is present (e.g. a jumper pin is set or a button is depressed during power-on) then the first code that gets executed is the "firmware-loading firmware" which was factory-installed and non-overwriteable. This code wipes out the existing "real firmware" and over-writes it with a known-good factory-installed non-overwritable "factory reset backup firmware copy" or, if the manufacturer was short on space to store an extra copy of the firmware, it over-writes it with code found at a factory-determined location that is under the user's control (the modern equivalent of "X bytes starting at sector 0 of floppy disk A").
Suppose an evil user installs bad firmware using the factory reset procedure. Fine. Now the next user repeats the factory-reset procedure and overwrites the evil firmware with firmware that he (the current user) trusts and all is well.
Oh, and if the buyer can't trust the vendor to provide non-harmful "firmware-loading firmware" and a good path to get his preferred version of the firmware installed (either directly through a factory reset or from a factory reset followed by a normal firmware update) then he's buying from the wrong vendor.
The purpose of a factory reset is not to give 100% protection. It is not to mitigate all of the damage caused by the attack. It is to provide a way to rescue the hardware once the threat has been identified and means of re-infection have been gotten rid of. In other words, it's to save the cost of buying replacement hardware for a box that would otherwise be deemed "never to be trusted again."
Here are two examples:
1) A rouge employee tampers with a USB/Firewire/Thunderbolt device and uses that to infect Macs (or PCs, or phones, or whatever). The employee is discovered and shown the door and all potentially-infectious devices which cannot be factory-reset have been destroyed or removed from use. Those which can be factory-reset are reset and updated from known-good sources.
2) I buy a used piece of equipment. I want to know with certainty that there is no malware on it. I do a factory-reset and update it from known-good sources.
Also, the concept of a factory-reset is not specific to recovering from against hardware/peripheral-based attacks. It also helps recover from software-based attacks (including remote attacks) that take advantage of bugs to replace the "main" firmware with their own. In this case, the recovery is a two-step process:
* Do a factory reset
* Update to a version of the "real" firmware that does not have any known exploits
It also has the limitation that it does not protect against exploits (including remote exploits) that will be discovered in the future.
Actually, it would be worse: the attacker could factory-reset your machine and then apply the attack, making any applied patches useless.
1) The attacker would have to have physical access to the device to do the factory reset. Either that or trick the user into getting out the screwdriver.
2) Applying a subsequent factory-reset would remove any malware installed by the attacker. Data loss would result, but at least you wouldn't have a permanently-compromised machine.
At this point, it becomes an economic issue, not a technical issue.
Compare two cases:
You buy/rent a big mainframe with a long-term support contract. 5 years in, the vendor has economic trouble and files for bankruptcy. The bankruptcy court lets the vendor give 2 years' notice before canceling long-term support contracts. The vendor notifies you that in 2 years, it will cancel the affordable support contract and offer you a "take it or leave it" mega-expensive contract (they hope you will say "no"). Except for the money, you are happy with the product and you know that if you say "yes" you will get good service and support.
Case two:
You contract to buy/rent a big mainframe with a long-term support contract. When that support contract is up 10 years later, they raise the rate significantly for a 10-year renewal. 8 years into the renewal, they notify you that the next renewal will be at a mega-expensive level (they hope you'll say "no"). Except for the money, you are happy with the product and you know that if you say "yes" you will get good service and support.
In neither case does the "renew/not renew" decision rest on technical merits. In both cases, it's a pure economic decision: Is it cheaper for us to renew or to replace?
it will only help you recovery once you detect it.
Bingo. No more "once it's compromised, it's always compromised" and no more "corrupt the BIOS to brick the device" attacks.
Also, buyers of used merchandise can assure themselves that the BIOS is the factory BIOS, not one that a previous owner installed.
This should be a no-brainer. Except for special-case customers who specifically do NOT want the ability to do a factory reset, all hardware should come with a factory reset procedure that any end user can do.
What would this entail?
* An immutable "firmware-loading firmware" that does nothing but check for a "factory reset" signal. If the signal is absent, load the "real firmware" from its usual location and execute it. If it is present, wipe all non-immutable storage (or wipe their decryption keys) and load (and possibly authenticate) an immutable "factory reset backup firmware copy" from a pre-defined immutable location and store it to the location where the "real firmware" is stored, then proceed to as if the "factory reset" signal was absent and load the just-replaced "real firmware" and execute it.
* Consumer-friendly instructions on how to set the "factory reset" signal. For example:
-- "Remove the screws covering the back of your phone, look for the orange dot in the lower-left corner, hold down the switch while simultaneously holding down the phone's power button, then release. Within 10 seconds you will hear 5 evenly-spaced beeps. If you do not hear 5 evenly-spaced beeps, repeat the previous step. Once you hear 5 beeps wait 5 seconds. The phone will power off. Reassemble the phone."
For leased devices, this might also entail breaking a tamper-evident seal, the breaking of which by the consumer might violate the lease contract.
Older versions of CryptoWall didn't wipe the shadow copies.
If it's not broken, it gets the job done, it's vendor-supported, and you don't expect that support to end in the foreseeable future, then I don't see the problem.
Age alone is not any reason to declare technology obsolete.
Here's a common example: Stores still sell 4-function calculators for $5 or less. As far as the user is concerned, they are less-expensive versions of the same calculators you could buy from the mid-1980s on, and thinner-and-cheaper-with-LCD-and-button-battery versions of the kind you could buy in the 1970s. In other words, if you still have a 1985 four-function calculator and it's still working, it still meets your needs, and you can still get batteries for it, there's no reason to throw it out.
Heck, even the lowly manual typewriter is still better than a pencil, pen, electric typewriter, or computer+word processor+printer in certain situations. In others, the best choice is a pen or pencil.
If every newspaper in France were to re-print some of the more controversial cartoons form Charlie Hebdo, or offer to print and distribute next week's issue as a special insert, it would send a strong message to terrorists that the "Streisand Effect" is real.
I've already seen one mainstream American daily run a bunch of Charlie Hebdo cartoons in its online edition, including some depicting Mohammad (yes, THAT Mohammad). Without the mass murder, a lot fewer people would've seen that image.
How do we know there isn't malware out there that is already using very sophisticated means of testing for "am I running on a VM or not"?
We probably don't know. It would be nice if we did. Short of pure luck, a "true virtualization" honeypot may be the only way to find out.
From the FDA website:
(Among other things) A medical device is "intended to affect the structure or any function of the body of man or other animals, and which does not achieve any of its primary intended purposes through chemical action within or on the body of man or other animals and which is not dependent upon being metabolized for the achievement of any of its primary intended purposes."
At first glance, most winter-wear clothing, the ropes used in 3-legged races, and even police handcuffs fall into this category.
* Winter-wear clothing - it is intended to trap heat, thereby affecting the structure and function of the skin and the body's heat-regulating mechanism.
* Ropes and handcuffs - are intended to temporarily limit or alter the effects of using ones muscles.
So, would the FDA claim that it has the right to regulate these things, even if it chooses not to do so today?
There is a place in research labs for "true" virtualization/emulation, where a particular hardware environment is virtualized/emulated right down to the timing characteristics of the hardware it's pretending to be.
But randsomware authors are not interested at that. As in previous story they do price gouging how much you are willing to pay. As they won't get penny from vm they do not bother with these.
One purpose for research-lab "true" visualizations is to be successful honey-pots, allowing malware to be studied in a captive environment without giving away the fact that it's a captive environment.
Cryptowall specifically overwrites all shadow copies of files.
You missed my point. I was talking about a case where a user's desktop is infected but the user has a network share from a Windows Server mounted, and where the backup files are stored on that share.
Because it lacks administrative rights to the server, the infected desktop cannot directly erase the shadow copies on the server.
Assuming a Windows shop with a Windows server holding the online backups, the worst that any client-side app can do is corrupt the current version of the networked backup. It can't delete the shadow copies. Oh, I suppose it could try to fill up the disk so the earlier non-corrupted shadow copies get purged, but it can't outright delete them unless it infects the server first (or otherwise gets admin access to the server).
It also can't touch existing tape or other offline sever backups from an infected desktop/laptop.
In other words, if the server is being managed well, the worst that malware on an end-user device can do is obliterate anything that hasn't made its way to an offline backup, and it will be very difficult to obliterate server-side shadow copies.
There is a place in research labs for "true" virtualization/emulation, where a particular hardware environment is virtualized/emulated right down to the timing characteristics of the hardware it's pretending to be.
Obviously you can't do this with stock hardware - you'll probably have to use supercomputer-type hardware and do large chunks of it in an emulator but in principle and maybe in practice we should able to emulate at least a few mid-2000s motherboard/CPU/typical-other-hardware setups well enough to fool any software running on them.
The hard part will be doing all of the timing right while running the emulated clock at real-time speed rather than some slowed-down or other fake-time speed. If the timing isn't precisely right, when the evil software connects to its C&C and checks the "real world clock" it will know something is fishy if the emulation environment's clock isn't running at real time.
As a society, we need to know the true costs of using our technology. This means we need to know under what conditions, if any, hydrolic fracturing causes earthquakes.
Fracking also provides many benefits. First and foremost it's given us energy near-independence decades sooner than other methods would have. This has potential spillover effects in foreign policy, particularly when it comes to dealing with other oil-rich nations. For example, if there had been a revolution in Saudi Arabia that threatened the oil supply in the 1990s, America would've probably jumped into the war. If it happens in the 2020s, America may be able to say "meh" without taking any hit at the gas pump.
Once we know what the true costs of fracking are, we may very well decide that it's worth the cost.
We've faced the same "we didn't know that the true costs were high, but now that we do, we still use our tech" decisions in the past. Using narcotics as pain relievers. Check. Using whale oil. Check. Using fossil fuels. Check. We aren't nearly as cavalier about using narcotics or fossil fuels as we once were, and for all practical purposes we stopped using whale oil ages ago. As for fracking, once we learn more we can make a more informed decision as to whether "it's worth it" or not.
Analog may or may not be better than a very good digital file, but enough audiophiles with money to burn think it does, so if you are going after the "audiophile" market, that's what you should aim for.
Now, how do we fit studio-quality analog tapes and a near-perfect player with excellent earbuds in a lightweight portable package with 33 hours of battery life?