Been infected with the WannaCry ransomware yet?
Edgar Reynaldo

What do you guys think of the latest giant cyber attack. Hacking hospitals and manufacturers and others. We still run XP on my desktop, but then I never click on links in funny emails. ;)

Anyone been affected by this? Will it keep spreading? I wonder if they are paying the ransoms. Hacking hospitals is not cool though. :-/

Johan Halmén

I heard in the radio that some nerd checked the inside of the virus and found a phoney url there. He registered the url, which deactivated the thing. What they said was that the virus creator had made that to a switch, with which the virus could be deactivated. The virus obviously made a call to the phoney url and continued with the bad stuff only if the url wasn't real.

GullRaDriel

Never got infected.

Samuel Henderson

Never got infected, but I don't regularly use Windows at home (and when I do occasionally use Windows it's Windows 10, and I don't check email using it).

A college a couple hundred kilometers away got infected a couple of weeks ago. I don't believe they paid the ransom, they restored from backups. I've heard they lost a bunch of data in the process though.

Neil Roy

Use Windows 7, it was patched against this THANKS TO MICROSOFT in March. No thanks to NSA who knew about this but kept it a secret so they could use/abuse the exploit for their own nefarious reasons.

This was one of the reasons why Microsoft was complaining about the NSA keeping these problems secret and not informing Microsoft about them so they could fix them.

I heard people blaming Microsoft, talk about utter STUPIDITY. I asked them, should Microsoft patch DOS as well? If you're still using XP or another version of software that is no longer supported than that is your problem.

This was also an opportunity for Linux fanboys to tout their glorious, perfect OS over Windows, well, except if you press backspace 28 times to bypass the password.

The point is, all software that complex is bound to have issues. The ONLY people effected by this were UNPATCHED systems. If you haven't downloaded and patched your system in over a month, don't blame Microsoft.

Mine was patched in March. And I am not STUPID enough to open ANY email attachments.

I think the reason why this was released in April was due to the fact that Microsoft had just patched it and they wanted to infect as many systems that hadn't applied the patch yet ASAP.

MiquelFire

>He registered the url, which deactivated the thing.

Sadly, that only works for v1. Other version removed that check.

I never get e-mails like this, or if I do, they're clearly bad e-mails with my mental filter and I just delete it and forget about it.

Eric Johnson

I use Linux, so it didn't affect me.

Why would anyone still be using XP all these years later? Madness! :o

Edgar Reynaldo

Hardware driver compatibility. Software compatibility. Old equipment. Upgrading sucks. Ran out of space on the HDD, haven't transferred over to the new SSD yet. Got a lot of programs that won't work on newer versions of Windows anymore, and I've lost a lot of the installation media for most of it. That's why I'm still using XP SP2 on my desktop. Mostly I use my Win10 laptop these days.

raynebc
Neil Roy said:

This was also an opportunity for Linux fanboys to tout their glorious, perfect OS over Windows, well, except if you press backspace 28 times to bypass the password.

One of my networking teachers always said boot access (ie. full physical access to the computer) is as good as root access. Recovery mechanisms are intentional and can often be disabled for people that care about it.

Eric Johnson
raynebc said:

One of my networking teachers always said boot access (ie. full physical access to the computer) is as good as root access.

Once you have physical access to a machine, you practically own it. That's why physical security is just as important as digital/software security--especially in an office setting (don't leave your servers un-tethered!).

Chris Katko

We still run XP on my desktop, but then I never click on links in funny emails. ;)

It shouldn't affect you... even XP is patched (even though it's out of support!) unless someone went out of their way to not allow XP patches.

If you're running pre-XP... damn...

Good on Microsoft for patching even XP for "the good of the ecosystem." They could let everyone explode and say "NYAH, you should have bought new more secure computers from us!"

Bob Keane

The virus was not necessarily spread by email. The hackers could have hidden the code in a legitimate website. We did not have any problems at either of my jobs an I use linux. Besides, I have nothing to steal and nothing I can't recover.

Neil Roy

I heard of possible infections from website banners which made me really glad I have an adblocker on my browser (uBlock Origin).

bamccaig

It was announced a work at the beginning of the week by a teck guru involved in one of our networks. I briefly looked into it, but it doesn't seem all that scary for me. Allegedly Windows 10 is "immune". That is what my work machine is already running. For good measure I let Windows Defender do a full scan yesterday, which not only turned up nothing, but failed to report the results of the scan to me. Utter garbage. In any case, I'm not particularly worried. I always try to access unsure files manually. I disable automatic loading of external media. I can't do much if the browser or OS lets nefarious code execute without my doing. In any case, in terms of randsomware, I always to backup most of what matters to Git repos and push that data to external devices. Even if I was infected, I shouldn't lose much on my work machine.

Apparently it's possible for Wine in Linux to be infected too, though I think you currently have to go out of your way to infect yourself. I'm not sure if there's an attack vector yet that requires you not to hate yourself, but I still regard it as a possibility. I'm still reading through some articles, but in general I'm not afraid running Linux. Again, my most important data is always synchronized across a network. Even if my Linux desktop was infected I'd probably just wipe it out and start from scratch. And the only things I'd restore are text tracked with cryptographically secure source control. It's not impossible to hack, but probably more effort than the average hacker, let alone drive-by cracker, would have the time for.

Anyway, knock on "wood", nobody I know has been hit so far.

Polybios
bamccaig said:

Anyway, knock on "wood"

Better yet:
{"name":"C_3yYxCXoAA11fU.jpg","src":"\/\/djungxnpq2nug.cloudfront.net\/image\/cache\/8\/4\/842d8905f4dfcf833d86b452c2b414a5.jpg","w":1200,"h":812,"tn":"\/\/djungxnpq2nug.cloudfront.net\/image\/cache\/8\/4\/842d8905f4dfcf833d86b452c2b414a5"}C_3yYxCXoAA11fU.jpg

Edit: Found an english source:
https://boingboing.net/2017/05/17/prophylactic-bricking.html

bamccaig

:D

Chris Katko
Neil Roy said:

I heard of possible infections from website banners which made me really glad I have an adblocker on my browser (uBlock Origin).

I will never uninstall or disable uBlock Origin and adblocking in general until someone builds a SAFE, FAIR advertising system. I'm not compromising my system, filling my RAM and CPU, and listening TO AUDIO just to read your piece of shit website.

Remember how great Google adwords were? You could change the CSS so they blended in with your website instead of the ads sticking out like a sore... FLASHING thumb.

It's funny. My wife watches lots of Hulu (I don't care for it). And, unlike Netflix, Hulu HAS ADVERTISEMENTS. Sometimes 3 in a row (each 1 to 3 minutes long) after watching like 5 minutes of show. On my computer it just shows a black screen and Hulu says "You appear to have a adblocker. Disable it to get the full experience." My wife told me she actually likes the black screen now. "It's like 3 minutes of peace and quiet."

I honestly feel like my life is better and less stressful now that I don't watch advertisements at all. I don't think the human subconscious has evolved to tune out hundreds of advertisements that have a person come on the screen and tell you, "You are broken, and our product is the cure." Advertisements are like the worst people in a room... constantly trying to get your attention and yet having nothing of substance to say.

Polybios: Is... is that... real?

Neil Roy

Remember when the internet was more about freedom, information and communication? Now they are trying to FORCE you to watch their ads or else!

I simply refuse. Find another way to make money, because I'm on the internet to get away from the ads that flood me on TV, not see more of them.

bamccaig

Agreed. I almost never disable ad blocking, even if they're unintrusive. I generally disagree with the business model. Ads are almost always a selfish endeavor with no concern for public health. They're manipulative and deceptive. It's a terrible business model. Most of them aren't even clever. Just cheap. Like a 20¢ whore. I actually forget that the Web is full of ads because I never see them.

Polybios

Is... is that... real?

Ok, I've done my homework: Nope, it's not authentic, it's an older image (2013). Stupid social media "news". But the practice of blessing technology equipment actually seems to be common.

Here's the picture in its original context, it was part of a larger operation (www.patriarchia.ru via Google Translate):
https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fwww.patriarchia.ru%2Fdb%2Ftext%2F3338529.html&edit-text=&act=url

Chris Katko

DAMN IT, SOCIAL MEDIA. Add boingboing to the list of sites I don't trust.

Polybios

It was also carried by derstandard.at, a respectable Austrian newspaper AFAIK, so I thought it was credible. Such a mess.

Thread #616893. Printed from Allegro.cc