[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Ransomware meets Linux - on the command line!

On 12.11.2015 21:14, Ralph Katz wrote:
On 11/11/2015 10:24 PM, Cindy-Sue Causey wrote:


Brian Krebs of Krebs On Security had
something on ransomware and Linux, just not labeled Ransm-C or


IF I'm understanding correctly, he appears to have updated that
article with a *potential* way to beat it via a *potential*
vulnerability.... at least until the perpetrators upgrade their own
tactics, anyway.

I like what Brian's been doing. I can cognitively understand a LOT of
what he writes about. He's caught SlashDot's eye a time or two, too.

Adding another keyword here, Linux.Decoder.1, which Brian says was a
name dubbed by "Russian antivirus and security firm Dr.Web". It may or
may not be the same as the other, but sounds like it works

Next stop is to pop over to a group called BlindWebbers. I'd seen
Brian's email subject line earlier and thought instantly of them, just
didn't get around to opening it then. The guy in Brian's article makes
it sound like it's a little time consuming and still has incidental
glitches afterwards.

That's presumably coming from someone with no visual disabilities. The
difficulty level of getting one's website back would understandably
rise relative to one's ability or lack thereof to actually see what's
going on within the file hierarchy..... AND apparently each single
file that reportedly stands to potentially gather random bits AFTER
the files have been decrypted.
As a user, I too, find Krebs informative.  Also notable was this recent
Washington Post article about Linus Torvalds and Linux security:


"Fast, flexible and free, Linux is taking over the online world. But
there is growing unease about security weaknesses."


The ransomware articles from the security companies are pure marketing efforts to develop customer's «pain» and to exploit it. There is nothing new in the scheme «pay or suffer». And the companies provide nothing new as a «cure» either (which haven't been there for decades).

More over, I wonder, what is the difference between the «ransomware» business model and so called «planned obsolescence» business model, which, I guess, has become worldwide industrial standard nowaday? And in what way should differ protective measures for both of them? I mean, from the end users point of view, there is no much difference if their data have been stolen/encrypted by one crook or if their data have been lost because of «sudden» HDD fail planned in advance by another crook. Except, may be, the fact that in the first case you still have a tiny chance to get your precious data back (may be, which I doubt).

The WP article seems like a spin. It gives us a spooky filling of great imminent danger radiating from the Linux, but in the same time it is surprisingly shallow and inconcrete. Though it uses security thing as a pretext, I guess, it's not about security.

Of course, I don't think the subject of Linux security does not deserve attention or discussion. But what the point in such articles as the WP example, except from not so subtly playing with mass opinion with pretty obvious commercial intention?


Reply to: