On 12.11.2015 21:14, Ralph Katz wrote:
On 11/11/2015 10:24 PM, Cindy-Sue Causey wrote:
[...]
Brian Krebs of Krebs On Security had
something on ransomware and Linux, just not labeled Ransm-C or
anything:
http://krebsonsecurity.com/2015/11/ransomware-now-gunning-for-your-
web-sites/
IF I'm understanding correctly, he appears to have updated that
article with a *potential* way to beat it via a *potential*
vulnerability.... at least until the perpetrators upgrade their own
tactics, anyway.
I like what Brian's been doing. I can cognitively understand a LOT
of what he writes about. He's caught SlashDot's eye a time or two,
too.
Adding another keyword here, Linux.Decoder.1, which Brian says was
a name dubbed by "Russian antivirus and security firm Dr.Web". It
may or may not be the same as the other, but sounds like it works
similar'ISH.
Next stop is to pop over to a group called BlindWebbers. I'd seen
Brian's email subject line earlier and thought instantly of them,
just didn't get around to opening it then. The guy in Brian's
article makes it sound like it's a little time consuming and still
has incidental glitches afterwards.
That's presumably coming from someone with no visual disabilities.
The difficulty level of getting one's website back would
understandably rise relative to one's ability or lack thereof to
actually see what's going on within the file hierarchy..... AND
apparently each single file that reportedly stands to potentially
gather random bits AFTER the files have been decrypted.
As a user, I too, find Krebs informative. Also notable was this
recent Washington Post article about Linus Torvalds and Linux
security:
http://www.washingtonpost.com/sf/business/2015/11/05/net-of-insecuri
ty-the-kernel-of-the-argument/
"Fast, flexible and free, Linux is taking over the online world. But
there is growing unease about security weaknesses."
Regards,
Ralph
The ransomware articles from the security companies are pure marketing
efforts to develop customer's «pain» and to exploit it. There is
nothing new in the scheme «pay or suffer». And the companies provide
nothing new as a «cure» either (which haven't been there for decades).
More over, I wonder, what is the difference between the «ransomware»
business model and so called «planned obsolescence» business model,
which, I guess, has become worldwide industrial standard nowaday? And
in what way should differ protective measures for both of them? I
mean, from the end users point of view, there is no much difference if
their data have been stolen/encrypted by one crook or if their data
have been lost because of «sudden» HDD fail planned in advance by
another crook. Except, may be, the fact that in the first case you
still have a tiny chance to get your precious data back (may be, which
I doubt).
The WP article seems like a spin. It gives us a spooky filling of
great imminent danger radiating from the Linux, but in the same time
it is surprisingly shallow and inconcrete. Though it uses security
thing as a pretext, I guess, it's not about security.
Of course, I don't think the subject of Linux security does not
deserve attention or discussion. But what the point in such articles
as the WP example, except from not so subtly playing with mass opinion
with pretty obvious commercial intention?