Retracted! Wcry ransomware is reborn without its killswitch, starts spreading anew

Good point! Of course you need a CCO ID and you have to be proactive in the… oh, wait, you are talking about the iPhone operating system, the debiggened child of XNU, not the real IOS. :laughing:

Well, if you don’t run a custom kernel… oh, that’s right, you have an Apple phone, and so are running a backdoored corporate kernel that the FBI and NSA loudly proclaim they totally can’t break into, totally can’t, they tell every criminal organization in the world they can’t break Apple products…

Discourse needs an icon for “rolls eyes condescendingly” so we can use it on each other ;).

2 Likes

For example, my Win7 box at home has just the right stack of hardware, drivers and software, which took me months to get right for making a decent PVR that works how I want it to. There are no Win10 drivers for some of the hardware, and no compatible versions of some of the software.

So you better believe I was fucking pissed when I got auto-updated to Win10 without consent.

7 Likes

The people who’ve been calling me every couple of hours for the last week, from the “Maintenance Department of Windows” are also very polite, and they have the most charming accents. I don’t let them talk much (I generally lecture them about morality until they hang up) but really I love the melodious sound of their voices, whenever they manage to get a word in edgewise.

2 Likes

Despite the not-so-great English and searing red UI that doesn’t meet basic accessibility requirements I am indeed impressed. They have put together a far better UI than I’ve seen from some of the big software companies.

3 Likes

If I’m in a bad mood, I ask them if their mothers know what they do for a living.

Those assholes took advantage of my elderly aunt, who googled a technical support number and got one of their phone banks. (Yes, they advertise their services in addition to making cold calls.) Messed up her computer. Then got taken advantage of by a local shady computer dealer.

2 Likes

Wearing tinfoil hats again, are we?

Feel free to read through this, and the comments: iOS 10 Security White Paper [pdf] | Hacker News

Apple went even further than the walled garden would require. They could have easily left an Apple backdoor. But they encrypt the protocol going over wires to/from the Enclave. They go insanely far rather than sufficiently far.

Yeah, nation state level attacks will still work, especially if they have the phone. But with Android it’s not nation state level. It’s corporate level and maybe less if they have the phone.

Every single security person I know recommends iOS if you care about security at all.

I wouldn’t say it’s a pointless observation, most of the media coverage of this thing seems to be focusing on the SMB bug, many reports not even mentioning Email at all, when the main concern should be educating users not to be dumbasses (I know, probably a waste of time).

Even if we solved all the security bugs we’d still have malware, as long as we can be tricked into doing dumb things.

The next step might be executing all potentially harmful content in isolated VMs, and monitoring them for suspicious activity. Edge has something like this already (Application Guard it’s called), but this is just for browsing suspect websites, we need something more general for executing all kinds of content (zip files, pdfs, spreadsheets, etc).

3 Likes

Oh, I always bring that up! Sorry to hear they hornswoggled your aunt.

Well, if you consider a nodding Internet acquaintance “knowing” someone, that’s not true, since the word “security” is literally on the org chart next to my name. (it’s not part of my title, though). But I wouldn’t ask you to disregard the recommendations of people you know much better.

The guys I know who are serious about security either don’t have phones or run custom android kernels. They recommend other people use whatever they like, as long as it is kept updated and they don’t use it to commit crimes.

Just looking at the preponderance of evidence. I’m not big on appeal to authority arguments.

I have always hung up the phone immediately if someone said something they should not say on an insecure line, though, since the 1970s. So perhaps I am a bit more paranoid than most! Even I’m not paranoid enough to think that OSS can’t be secured, though.

Well, it’ll take me a while. I already love the part about Apple downgrading the security of IOS in iMessage and backups due to a lack of understanding of encryption technology, that was very interesting. And the people claiming that Apple’s more concerned about stopping elcomsoft than about providing security to customers.

But you aren’t addressing the same things I am; I’m saying Apple doesn’t support old products and that no commercial product provides assurance of security beyond that of customized software. From my perspective you’re pursuing a One True Vendor fetish, looking for data to support that and ignoring anything that doesn’t fit the meme.

Interesting tidbit: I’ve been using computers since long before Apple, Google or Microsoft existed. There have been machines running my code 24/7 for many, many years. Guess how many times I’ve been hacked, guess how many times I have gotten malware on a personal machine?

So you better believe I was fucking pissed when I got auto-updated to Win10 without consent.

Win 7 ultimate on my Craigslist lappy four years ago, win 7 ultimate on it now. They didn’t get me! Or anyway not yet. (Though I often imagine I can hear Satya Nadella humming “Tomorrow is another day…”)

But what a lot of aggro that has caused me, reason being that MS started including all sorts of undesirable shite like telemetry in even “security only” patches so I had to turn off auto-update and just watch for new updates by eyeball, visit MS’s download site when one pops up, grab the .msu for any update that looked like it might be legit and needed, and then put the farking thing on the shelf for ten days and read the comments from folks who boldly went ahead and installed it. This strategy is what kept me from ever seeing that narsty “Get Windows 10 Now” adware icon in my system tray.

They’ll take my Win 7 when they pry it from my cold dead fingers.

Oh yeah, I do still have a honeypot XP SP3 box here, running and on the internets, just to see what kind of flies it might attract. It is, naturally, hardened in every way I can think of (I have an MCSE cert, for what that’s worth.) Up to date always-on AV, firewall, intrusion detection. Regular full scan by the on-board AV and then another by Malwarebytes for a second opinion. Also has Malwarebytes’ anti-ransomware (beta). And MS’s brand new screaming-emergency WannaCry patch–there is in fact one for XP, and it slipped right in like an oiled 8-cylinder eel. What else? Oh yeah, it reports itself to MS as being XP Embedded, though it isn’t. (XP Embedded is still within its support life.) And I make a weekly bit-for-bit C drive image backup. So far I haven’t ever had to wipe and restore, but I could.

2 Likes

That’s a mighty peculiar opinion to hold since Google itself only supports the Pixel phones for 2 years, whereas Apple regularly supports iPhones for 4 years. And Android devices not sold by Google are notorious for not having updates available to new OS versions + security patches, etc. Generally fragmentation hell.

I think you may be somewhat less of a security genius than you believe. Opinions can vary, however.

OS updates for at least 2 years. Security updates for at least 3 years or 18 months after Google last sold the device.

Well I hope not, since I’m not spectacularly impressed by my own security chops. Last week I found an SQL injection vulnerability in some code I wrote six months ago…

2 Likes

This 2013 Nexus 7 still gets updates from Google, though I have no idea what their official word on that is.

If they asked for unmarked dollar bills, would you prosecute the Fed?

I just learned that the virus didn’t actually infect XP machines at all, via the SMB bug, even though XP was vulnerable to that until they released the patch. The virus itself had a bug that prevented the worm spreading via XP, though it could infect an XP machine if a user manually ran it via an e-mail or something.

So while the NHS, for example, does have a lot of XP machines, it was mostly their un-patched Windows 7 and Server 2008 machines that were infected apparently (despite a patch having been available for months).

Someone also just discovered a bug in the Win XP Crypto APIs that allows you to decrypt the files without paying the ransom, only works if you haven’t rebooted the infected PC though (it left the primes used to generate the key in memory).

2 Likes
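The mechanism the post above describes (a prime factor of the RSA modulus left behind in process memory, so the private key can be rebuilt as long as the machine has not been rebooted) is small enough to show end to end. The following is an added example, not code from this thread or from any published WannaCry decryptor: it builds a toy 128-bit RSA key, plants one prime little-endian (the layout CryptoAPI uses for key material) in a constructed stand-in for a memory image, scans that image for any window that divides the public modulus, and rebuilds the private exponent from it. The key size, memory image and the wrapped "file key" are all constructed for illustration; a real scan would walk a full process dump with the real key width.

```python
"""Rebuild an RSA private key from a prime factor left in memory (added example)."""
import random

E = 65537          # public exponent used throughout
PRIME_BYTES = 8    # toy 64-bit primes; real keys would be 128 or 256 bytes per prime


def is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin test; rng is injected so the demo is reproducible."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits, rng):
    """Random odd prime with the top bit set, so the product has full width."""
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand, rng):
            return cand


def generate_keypair(bits, rng):
    """Toy RSA key; E is prime, so phi % E != 0 guarantees gcd(E, phi) == 1."""
    while True:
        p, q = random_prime(bits // 2, rng), random_prime(bits // 2, rng)
        if p != q and ((p - 1) * (q - 1)) % E != 0:
            return p * q, p, q


def fake_memory_dump(prime, rng, size=4096):
    """Constructed stand-in for a process memory image: random bytes, with the
    prime stored little-endian at a random offset, or absent (simulated reboot)."""
    buf = bytearray(rng.getrandbits(8) for _ in range(size))
    if prime is not None:
        off = rng.randrange(0, size - PRIME_BYTES)
        buf[off:off + PRIME_BYTES] = prime.to_bytes(PRIME_BYTES, "little")
    return bytes(buf)


def find_prime_factor(dump, n, width=PRIME_BYTES):
    """Slide a window over the image; any value that divides n is a factor."""
    for off in range(len(dump) - width + 1):
        cand = int.from_bytes(dump[off:off + width], "little")
        if 1 < cand < n and n % cand == 0:
            return cand
    return None


def rebuild_private_exponent(n, e, p):
    """Knowing one prime gives the other, hence phi(n), hence d = e^-1 mod phi."""
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))


def decrypt_with_recovered_prime(dump, n, e, ciphertext):
    """Returns the wrapped key as bytes, or None when no factor is in the image."""
    p = find_prime_factor(dump, n)
    if p is None:
        return None
    m = pow(ciphertext, rebuild_private_exponent(n, e, p), n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def demo():
    """Live machine (prime still in memory) versus rebooted machine (wiped)."""
    rng = random.Random(20170512)
    n, p, _q = generate_keypair(128, rng)
    file_key = b"file-key"   # constructed stand-in for a per-file key wrapped with RSA
    c = pow(int.from_bytes(file_key, "big"), E, n)
    live = decrypt_with_recovered_prime(fake_memory_dump(p, rng), n, E, c)
    rebooted = decrypt_with_recovered_prime(fake_memory_dump(None, rng), n, E, c)
    return live, rebooted


if __name__ == "__main__":
    print(demo())   # (b'file-key', None)
```

The second return value is the point the post makes: once the process memory is gone, the scan has nothing to find and the modulus alone is as hard to factor as any other RSA key, so the recovery only works before a reboot.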

This topic was automatically closed after 5 days. New replies are no longer allowed.