LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 05-14-2017, 06:00 PM   #46
ardvark71
LQ Veteran
 
Registered: Feb 2015
Location: Oregon, USA
Distribution: Lubuntu 14.04, Windows Vista
Posts: 6,276
Blog Entries: 3

Rep: Reputation: 835Reputation: 835Reputation: 835Reputation: 835Reputation: 835Reputation: 835Reputation: 835

Quote:
Originally Posted by hazel View Post
PS: Vista may be insecure but does anyone actually use it?
Every day.

Regards...
 
Old 05-14-2017, 06:15 PM   #47
blade7
LQ Newbie
 
Registered: May 2017
Posts: 4

Rep: Reputation: Disabled
Microsoft did it. To force companies and organizations to move to windows 10. Microsoft would say, "I want to spy on the world"
 
Old 05-14-2017, 11:17 PM   #48
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 2,090
Blog Entries: 3

Rep: Reputation: 927Reputation: 927Reputation: 927Reputation: 927Reputation: 927Reputation: 927Reputation: 927Reputation: 927
Quote:
Originally Posted by hazel View Post
I was going to ask if that story was true. If it is,
Here's a proxied link to a statement the other day straight from the horse's mouth: The need for urgent collective action to keep people safe online: Lessons from last week’s cyberattack

Quote:
The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States. That theft was publicly reported earlier this year.
And an older link from a better source: Current wave of ransomware not written by ordinary criminals, but by the NSA

Last edited by Turbocapitalist; 05-14-2017 at 11:20 PM.
 
Old 05-15-2017, 01:02 AM   #49
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: Debian, Crux, LFS, AntiX, NuTyX
Posts: 1,109

Original Poster
Rep: Reputation: 522Reputation: 522Reputation: 522Reputation: 522Reputation: 522Reputation: 522
That is so like Microsoft! Blame everyone else but themselves! Yes, of course the NSA has behaved badly in this, but they could not have "stockpiled vulnerabilities" unless the vulnerabilities were there to begin with. And who put them there? Incompetent Windows software designers, that's who.

They say they already had a patch for this. Why didn't they make sure it was applied? We already know that Microsoft have ways of forcing updates, which they're happy to use to stuff new releases down people's throats, to make more money for themselves. Why don't they use them to make their existing software self-patching?
 
Old 05-15-2017, 05:26 AM   #50
grumpyskeptic
Member
 
Registered: Apr 2016
Posts: 144

Rep: Reputation: Disabled
Quote:
Originally Posted by 273 View Post
Only if they're in the extradition zones for the countries affected. Otherwise they'll get away with it or be hired by their government.
Since many countries have been affected, there must either be very few or no countries that do not extradite to any of them. Even if there was one, and the person or people had moved there, then they would one ordinary day be jostled by a small group of people and then wake up in a prison cell thousands of miles away.

I expect any countries that do not have any extradition treaties would be unpleasant places to live which you would try to leave if you possibly could.

Last edited by grumpyskeptic; 05-15-2017 at 05:30 AM.
 
Old 05-15-2017, 05:45 AM   #51
cynwulf
Senior Member
 
Registered: Apr 2005
Location: Walsall, England
Posts: 1,940
Blog Entries: 5

Rep: Reputation: 992Reputation: 992Reputation: 992Reputation: 992Reputation: 992Reputation: 992Reputation: 992Reputation: 992
Quote:
Originally Posted by SimonDevine View Post
The trouble is that IT has become so ubiquitous and people don't realise how open Windows still is. It is a bit of a rude awakening, but it's my sincere hope that ordinary working people start to recognise that computing is much more than the on/off switch on the box.
I'm afraid it won't change a thing. This kind of thing has happened before and it will happen again - and it will happen on Linux embedded IoT and omnipresent Android devices as well.

The average person wants speed, performance and "easy", security is something someone else takes care of or an "app" they install and this knocks on to the "IT guy", security is something he pays a subscription for and installs and it takes care of itself... which in turn leads to the "security" firms; where security is usually about some *BSD or Linux powered hardware which someone else writes the software for. Who? They don't really know, but it "just works"... Eventually they are left with a device which is no longer supported, so they take the hit and go out and buy a new one (or maybe not).

The issue of people not updating/upgrading remains, it's not a windows specific problem - in fact it's getting worse and has the potential to be much worse than it ever was in windows.
 
Old 05-15-2017, 10:10 AM   #52
moxieman99
Member
 
Registered: Feb 2004
Distribution: Dabble, but latest used are Fedora 13 and Ubuntu 10.4.1
Posts: 420

Rep: Reputation: 146Reputation: 146
My question is very simple: How can a computer reach an unregistered domain name on the internet? If it's unregistered (the domain), how could relay servers know where to send your computer's signals?
 
Old 05-15-2017, 10:53 AM   #53
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: Debian, Crux, LFS, AntiX, NuTyX
Posts: 1,109

Original Poster
Rep: Reputation: 522Reputation: 522Reputation: 522Reputation: 522Reputation: 522Reputation: 522
If you mean, how could the propagation of the worm be stopped? Presumably when the originators wanted to stop it, they would register the domain and then the phoning home would work. Only the "accidental hero" got there first.
 
Old 05-15-2017, 11:02 AM   #54
moxieman99
Member
 
Registered: Feb 2004
Distribution: Dabble, but latest used are Fedora 13 and Ubuntu 10.4.1
Posts: 420

Rep: Reputation: 146Reputation: 146
Quote:
Originally Posted by hazel View Post
If you mean, how could the propagation of the worm be stopped? Presumably when the originators wanted to stop it, they would register the domain and then the phoning home would work. Only the "accidental hero" got there first.
No, I mean exactly what I said: How can a computer reach an unregistered domain name on the internet? If it's unregistered (the domain), how could relay servers know where to send your computer's signals?
 
Old 05-15-2017, 11:27 AM   #55
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 6,669

Rep: Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911
Quote:
Originally Posted by moxieman99 View Post
No, I mean exactly what I said: How can a computer reach an unregistered domain name on the internet? If it's unregistered (the domain), how could relay servers know where to send your computer's signals?
Why would they need to? How does this relate to the matter at hand?
 
Old 05-15-2017, 12:26 PM   #56
moxieman99
Member
 
Registered: Feb 2004
Distribution: Dabble, but latest used are Fedora 13 and Ubuntu 10.4.1
Posts: 420

Rep: Reputation: 146Reputation: 146
Quote:
Originally Posted by 273 View Post
Why would they need to? How does this relate to the matter at hand?
The ransomware originally communicated with "an unregistered domain" and that was integral to the process of spreading itself. The domain name was registered, and that stopped the spread of the original malware version. My question is, how could the malware send a message to an internet domain that is unregistered in the first place?
 
Old 05-15-2017, 12:34 PM   #57
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 6,669

Rep: Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911
Quote:
Originally Posted by moxieman99 View Post
The ransomware originally communicated with "an unregistered domain" and that was integral to the process of spreading itself. The domain name was registered, and that stopped the spread of the original malware version. My question is, how could the malware send a message to an internet domain that is unregistered in the first place?
I think either hazel and myself are misunderstanding how this was stopped or you are. The reports are that once th domain was registered (in other words: could be connected to) the infection stopped.
 
Old 05-15-2017, 12:46 PM   #58
jailbait
LQ Guru
 
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Linux Mint 17, Debian 8
Posts: 7,860

Rep: Reputation: 311Reputation: 311Reputation: 311Reputation: 311
Quote:
Originally Posted by moxieman99 View Post
The ransomware originally communicated with "an unregistered domain" and that was integral to the process of spreading itself. The domain name was registered, and that stopped the spread of the original malware version. My question is, how could the malware send a message to an internet domain that is unregistered in the first place?
The ransomware tried to find an unregistered domain. If the attempt failed then the ransomware tried to spread to other machines. If the attempt to reach the domain in question succeeded that was the signal to the ransomware to not try to spread.

So to answer your question the ransomware did not communicate with an unregistered domain. The ransomware merely looked for the domain name in question.

------------------------
Steve Stites
 
Old 05-15-2017, 02:14 PM   #59
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 5,802

Rep: Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381
^ so the ransomware actually has an on/off switch? how considerate.
 
Old 05-15-2017, 02:17 PM   #60
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 5,802

Rep: Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381
Quote:
Originally Posted by Soadyheid View Post
Is it just me or during times of cutbacks and austerity purges, it always appears to be the IT sections that are culled first?
in politics, it's always the social sector. child care, schools, health care, etc. they tend to not have lobbyists.

which this whole incident, indirectly, proves.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Locky Ransomware Spreading in Massive Spam Attack LXer Syndicated Linux News 0 03-17-2016 06:32 PM
Hackers warn NHS over security Jeebizz Linux - News 1 06-10-2011 08:57 AM
LXer: Schools and the NHS: does Linux even get a look in? LXer Syndicated Linux News 0 07-21-2010 02:00 PM
Microsoft to keep our NHS records? sycamorex General 1 08-10-2009 07:17 PM
LXer: Novell starts work on NHS contract LXer Syndicated Linux News 0 12-19-2005 05:16 AM


All times are GMT -5. The time now is 02:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration