Improved CryptoLocker Clone "Cryptowall" Has Locked Over Half A Million PCs, 5 Billion Files

Status
Not open for further replies.


I used to use a DDS4 DAT, but the capacity became an issue. I do have a DAT72 but it's not enough either.
For the moment I'm just cloning onto separate devices; not ideal really. Indeed it would be good to have
access to an affordable write-once backup solution. I suppose one could use Blu-ray discs, though aren't
they kinda slow by comparison to tape drives? (not sure)




It's a shame modern tape tech like LTO6 is so expensive, though I suppose as an intermediate
step one could try and bag a used LTO3/4/5 instead. I did obtain a SCSI LTO1 but sadly couldn't
get it to work.

Ian.

 


It's a completely relevant analogy; you're blaming someone for something that's out of their control.

I'll give you another analogy: someone breaks into your house and steals a briefcase full of files, and demands a ransom for them. I would blame the person who stole my files, not the locksmith, not the police or anyone else. There is always a way in no matter how secure. Microsoft doesn't claim 100% security, so they aren't liable.
 
Blah blah, more analogies. Can't you discuss the topic directly?

Fact is, MS has a responsibility to ship a secure product, whereas in reality it's barely even tried
for more than 20 years.

Ian.

 
And this is where I embarrass all the "MS sucks!!!0101" people.

MS actually provides more protections than UNIX / Linux when it comes to elevated privileges. It does this by preventing the user from ever assuming full system level privileges, "Admin" rights are really just power user type privileges, you can still get access denied errors even when you're running as local administrator. POSIX environments on the other hand, once you're root you've essentially become god on that system. They will happily let you do really really dumb stuff like "rm -rf /usr" and proceed to blow your system all to hell. Or to copy new binaries on top of other system binaries nonchalantly. No amount of security measures will stop someone with root access.

So what we're really discussing here is unintentional elevation of rights. Which is when a piece of software elevates into admin rights without the user authorizing it. And again NT has the same level of protection that Solaris and Red Hat do, that a user can never assume privileges higher than what the system administrator has granted them. The reason you see so many problems with MS, isn't that it has worse security but that the ones who use alternatives also are the ones who are cognizant of their system enough to secure it properly. Joe Bob and Mary Jane would screw up a Linux build just as fast as they would a MS Windows build and in exactly the same way. Both would get tired of constantly having to elevate their privileges via logout or UN/PW and eventually just do their day to day operations as root, which would actually render their system more vulnerable than logging into that MS Windows system as an account with administrative rights. The issue is with conducting daily activities like browsing and media consumption with permissions higher than required, which affects all Operating Systems equally.

And before any of you start hammering on your keyboards, this is coming from me as a certified Solaris Administrator, someone who eats and breathes Unix every day of my life in an enterprise environment. RBAC is simply too complex and time consuming to reasonably expect home users to employ.
 
Now my opinions are the same as palladin9479. Probably the most accurate post here so far.

What I want to add though is that with whatever OS you use, if you open the door to malware, then it is your fault. From experience in the IT field I can say that most malware that comes in a computer uses the users to get installed. It's mainly when people install their programs and agree to install the malware unknowingly by clicking next-next-next without looking at what's written. That's how it beats all the protection Windows gives you.

It's pretty much the same thing on Linux and on Mac OS* except there's not enough people that use Linux to give an incentive to make malware for it, so there is very little malware, and same thing with Mac OS* except Apple denies there being malware for them. When someone wants to get in an OS, they will, no matter the amount of security.
 




I am guilty of this, a recent one when installing Minecraft mods through an auto installer, all of a sudden random addons and things installed. Then when you go to uninstall them, it asks you a question, it will remove this program and install another program in an endless loop. A combination of Malwarebytes, Spybot S&D and killing some services and reg entries manually fixed it. I don't think having standard user rights or admin would make a difference if I clicked next? Would it?
 

If you're able to install software then you have admin rights and no amount of security will fix that. The "proper" way to do this is to have two accounts, one that you log into the system as and only has local user privileges and another that has local administrative privileges. If you have a "run as admin" option when you right click then your current account has admin rights. As a user you can't install anything and instead you need to open a command prompt via runas.

http://www.windows-commandline.com/windows-runas-command-prompt/

runas /user:domainname\username program

Open command prompt as Admin

runas /user:administrator cmd

And how to open an explorer window for graphical interface as Admin

runas /user:administrator explorer.exe

Both will ask you to provide the password for the specified user and if correct it will then launch a new process shell with those elevated rights. This is very similar to how su works in POSIX environments. Once elevated you can then install your software.

This is a form of RBAC with two defined roles, "user" and "admin" and is the most simple implementation. More complex methods would have different accounts with different privileges that are used to do different things. And even this super simple method is too much hassle for the vast majority of home users.
 


I tried a normal user account once, but Sapphire TriXX needs admin rights to OC my GPU. I suppose I could do it the old-fashioned way and BIOS flash.
 

A program communicating directly with a hardware device would need admin access because that is a big attack vector. The proper way to go about it is to make a shortcut using the above runas method that references its executable instead of relying on a link in the startup folder. If you want to run it every time you log in and never ask for credentials, then you can use Task Scheduler. Log in as the administrative user, then create a task that runs the program; you can then specify which credentials are used to launch the program. The program will launch every time you log in, even as a non-elevated account, and it'll launch with those admin credentials you specified upon creating the task.

http://windows.microsoft.com/en-au/windows/schedule-task#1TC=windows-7

Bonus points go if you create a separate identity/role (really just another word for account) and only give it the explicit permissions that program needs rather than global admin rights. That's a bit much but it is the proper implementation of RBAC.
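
The Task Scheduler setup described in the post above, as an added PowerShell example that is not part of the original post: it registers the logon task with stored credentials only after confirming that no account outside a trusted list can modify the program file or its folder, since whatever replaces that file would run with the task's rights. The program path, task name and trusted-SID list are assumptions; it expects Windows 8 / Server 2012 or later and an elevated session under the administrative account.

```powershell
# Added example (not from the thread). $Program and $TaskName are placeholders.
# Assumes Windows 8 / Server 2012 or later (ScheduledTasks module).
param(
    [string]$Program  = 'C:\Program Files\ExampleVendor\tool.exe',
    [string]$TaskName = 'ExampleToolAtLogon',
    [string]$RunAs    = 'Administrator'
)

# SIDs expected to hold write access to installed programs.
$trusted = @(
    'S-1-5-18',       # LocalSystem
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Rights that allow changing or replacing a file, or adding/removing files in a folder.
$R = [System.Security.AccessControl.FileSystemRights]
$writeMask = $R::WriteData -bor $R::AppendData -bor $R::Delete -bor
             $R::DeleteSubdirectoriesAndFiles -bor $R::ChangePermissions -bor
             $R::TakeOwnership

function Get-UntrustedWriter([string]$Path) {
    # Allow ACEs granting any of $writeMask to a SID outside $trusted.
    # ACEs that carry only generic bits (inherit-only entries) are not decoded here.
    (Get-Acl -LiteralPath $Path).GetAccessRules(
        $true, $true, [System.Security.Principal.SecurityIdentifier]) |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ($_.FileSystemRights -band $writeMask) -ne 0 -and
            $trusted -notcontains $_.IdentityReference.Value
        }
}

# Check the executable and its folder; a writable folder allows replacing the file.
$findings = @(Get-UntrustedWriter $Program) +
            @(Get-UntrustedWriter (Split-Path -Parent $Program))
if ($findings.Count -gt 0) {
    Write-Warning ($findings | Format-Table IdentityReference, FileSystemRights | Out-String)
    throw "Not registering '$TaskName': accounts outside the trusted list can modify the program."
}

# Prompt for the password rather than hard-coding it in the script.
$cred    = Get-Credential -UserName $RunAs -Message 'Account the task runs as'
$action  = New-ScheduledTaskAction -Execute $Program
$trigger = New-ScheduledTaskTrigger -AtLogOn   # fires at any user's logon
Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $trigger `
    -User $cred.UserName -Password $cred.GetNetworkCredential().Password -RunLevel Highest
```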
 

So let's say I get stabbed walking down the street, do I go blame the police for not doing a good enough job? Or do I blame my government because their citizens are unlawful? Is it my fault for walking down the street knowing that these things happen from time to time? Or do I blame the guy that stabbed me?

I would blame the guy that stabbed me, seems you would blame the police and the government.........
 