It may well be it's just a debugging tool let in there by it's NSA creators which the current bunch of criminals using it hadn't realised was there.

Random Troll has started a new thread which is relevant. According to a link he found, 80% of Chinese computers run unregistered copies of Windows, which of course receive no security patches at all. As a result, China was heavily hit by the worm, and may have played an important part in its rapid spread.

I must say I'm puzzled by the Chinese. Obviously they don't want to pay anything to the evil capitalists at Microsoft, but there are good Chinese versions of Linux. Why do they need to use Windows at all?

It's simply business. If they get started on Windoze, legal copies or not, they won't be able to (or even know to) move to working systems. In fact it has long been a part of Bill's strategy:

Then the authorities also turn a blind eye to the situation, and not just because of rampant corruption. The monoculture of extremely buggy code leaves almost limitless opportunity for getting in and snooping around or even setting up realtime monitoring of text, audio, and video from the targeted machines.

At the end of the day, global powers, both corporate and government, make the ongoing decision to have machines that anyone and everyone can get into easily. The alternative would be machines that are difficult or functionally impossible to get into and they do not want that.

Back to NHS, I mentioned Red Hat as being big enough to play the certification game. Perhaps my prejudice against Canonical colored my thoughts to exclude them, but since they have their headquarters in London, they could use their advantage as a UK company to improve the situation at NHS.

Why are you convinced that the person or persons responsible are from the US, Europe, Russia or China? I they may be very stupid people from one of those places or, on the other hand, they may be based in an African or South American country or even, it has been suggested, in North Korea. People do live in these places, you know.

I am really grateful for this thread if only to see the quote for Billy posted by Turbocapitalist. By the turn of the century I was convinced that M$ was using the "First one's free" junkie variation on Bait 'n Switch and to see that Billy finally admitted it just warms the cockles of my heart with a sweet sense of vindication.

I based my speculation on Billy's having essentially majored in poker at Harvard combined with the unique aspect of software that it is paid for to produce only once and replication is trivial so stealing only actually costs MS on paper BUT the effect is that at least their system proliferates and dominates, a net gain. The fact that on the day of release or even sometimes just before bootleg OEM copies were available all over the web made me highly suspicious, but there was no way to prove the source or that it was only condemned tongue in cheek. When I posted my hypothesis on another computing forum way back in 2001 I was flamed mercilessly. Now we know that the most pernicious virus is Windows. HUZZAH !

I've never thought that, or written it. I don't know how you made that inference.

Perhaps you suppose that extradition treaties are rare, but in 2017 a country not having any extradition treaties or a functioning legal system is rare. Many countries now have extradition treaties when they did not have them decades ago, eg Brazil.

The list of countries without any extradition treaty or a legal system that would deal with it themselves would I expect be a list of countries that are unpleasant to live in and often from where person or persons could be abducted without formality.

There seems to be some misunderstanding. As I understand it there is no suggestion that this ransomware came from NSA. This kind of thing has existed for several years in various forms.

The vector for the ransomware was CVE-2017-0144, which is supposedly linked to the NSA.

You made reference to having to travel to a country with no extradition in place -- that's the assumption I was getting at.
as to how good or bad those places are I suppose it depends somewhat on what you are used to -- seems, for example, Nigeria's extradition treaties aren't particularly set in stone and lots of people live there happily.
Then there are countries like North Korea which, while not places people would choose to live, would even treat the perpetrators as heroes.
That's before you get into the whole being bothere to investigate even if there is a treaty in place.
My point being, again, that to assume that th perpetrators were stupid enough to put themselves in a position to be caught and punished is still a fairly big assumption even in these days of Team America World Police.
To me, at least, the fact that both China and Russia, the two places people usually feel free to attack Western Europe and the USA from, have been attacked suggests either extremely stupid (as in they're using home internet connections and no VPN type stupid) or they're outside of those juruisdictions also.

perhaps Wikipedia is incorrect but itseems to suggest the tool was developed for the CIA and leaked as part of a larger haul by a hacker group.

The exploit is known as "EternalBlue" and was leaked from NSA along with "DoublePulsar", the "tool" which targets it. It's this exploit (an RCE in windows SMB) and the tool/code which makes it possible to inject ransomware (or any malware or trojan, etc

The attackers are not stupid, as they've used botnets to achieve this. I doubt any of the attacks will originate from any computer linked to the perpetrators. They will be hard to trace unless they slip up (it's happened before).

Yes, they could already be in a "bad" country I suppose, although numerically from the point of view of numbers in the populations of different countries, having sufficient education, and access to the technology, it is less likely. except if it was state sponsored as you suggest.

Not XP: https://www.bleepingcomputer.com/new...ing-windows-7/

Yep. It was Vista7 all along: https://arstechnica.com/security/201...ead-so-widely/

With all of the complaints and debate about "fake news" we need to take a long, hard, cold look at those who were spreading the disinformation that old XP was to blame and how easily and quickly that disinformation spread. The trade publications were pretty much all on message with that, to the detriment of their readers. The how and why behind their decisions to toe that line certainly lead back to Redmond.

That's amazing! I was completely taken in by the official story.

I'm shocked....not! I'm sure M$FT had no small part in propagating this "misunderstanding."