An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Wanna Cry
#44587 05/15/17 04:08 PM
Joined: Aug 2009
OP Offline

Joined: Aug 2009
It seems the whole internet is collectively losing their mind over winders ransomware spam, this one is apparently named "Wanna Cry". I'd like to hear Tacit's assessment of the threat. Sounds like something that comes down to a social engineering / "you can't fix stupid" sort of thing?


I work for the Department of Redundancy Department
Re: WannaCry
Virtual1 #44588 05/15/17 05:07 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Of course it is. But Microsoft's (lack of) implementation of security updates is equally at fault.

FYI: The government of Saskatchewan's website is one of the latest to fall under the thrall of WannaCry.* They cry that their security procedures are "robust", and yet ....
Politicians just can't help lying; that's what qualifies them to be politicians.
Makes ya wanna cry.

* EDIT: Apparently the attack was a DDoS; it remains to be determined whether it was related to WannaCry.

Last edited by grelber; 05/15/17 11:22 PM. Reason: More info
Re: WannaCry
grelber #44590 05/15/17 05:14 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: grelber
...Microsoft's (lack of) implementation of security updates is equally at fault.

Apparently, it's not necessarily Microsoft that's at fault.

Originally Posted By: Wikipedia
A "critical" patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems,[20] but many organizations had not yet applied it.[21]


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: WannaCry
artie505 #44595 05/15/17 07:41 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Originally Posted By: artie505
Apparently, it's not necessarily Microsoft that's at fault.

Yes, that's what I said.
Microsoft also withheld the security update for some its older OS versions unless users ponied up some shekels for same.

Re: Wanna Cry
Virtual1 #44605 05/16/17 12:47 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
WannaCry is a menace because it is not being spread through social engineering tricks like emails or phishing. It's being spread as payload for a completely automated worm that exploits a flaw in Microsoft's SMB networking protocol.

The Windows vulnerability was discovered by the NSA some time ago. Rather than inform Microsoft of the vulnerability, which allows a person to remotely compromise a network-connected Windows machine without the owner of the machine doing anything, the NSA used it as a spying tool.

The NSA itself got hacked by a hacking group calling itself Shadow Brokers, who lifted detailed NSA documents describing a large number of security vulnerabilities the NSA had discovered and used as hacking tools. Shadow Brokers released the documents, and then a second group of hackers combined the vulnerability with the WannaCrypt ransomware to create WannaCry.

WannaCry spreads itself silently and automatically, without social engineering. Microsoft has taken the problem so seriously that not only have they released a security update to close the vulnerability, they went back and released the same update for ancient, unsupported Windows installs like Windows XP (the first XP update in a very long time). Imagine if Apple released a new security update for OS X Panther; that'll tell you how unusual that was.



Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: WannaCry
grelber #44606 05/16/17 12:51 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: grelber
Originally Posted By: artie505
Apparently, it's not necessarily Microsoft that's at fault.

Yes, that's what I said.
Microsoft also withheld the security update for some its older OS versions unless users ponied up some shekels for same.

confused   But you blamed Microsoft - "But Microsoft's (lack of) implementation of security updates is equally at fault.
" - when they had, in fact, issued a patch two months ago.

More: Can you document Microsoft's having charged for the XP, et. al, updates? My search turned up nothing of the sort.

Last edited by artie505; 05/16/17 05:53 AM.

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: WannaCry
artie505 #44609 05/16/17 08:30 AM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Originally Posted By: artie505
Can you document Microsoft's having charged for the XP, et al, updates? My search turned up nothing of the sort.

I recall seeing it in an early news article (most likely in The New York Times) — but it was a comment made en passant and it may have been removed in subsequent updates, and since I didn't make a copy of the article, I can't oblige with a legitimate quote.
(If I hadn't read it, I wouldn't have said it. I'm not in the habit of promulgating "false news".)

Re: WannaCry
grelber #44611 05/16/17 09:17 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: grelber
Originally Posted By: artie505
Can you document Microsoft's having charged for the XP, et al, updates? My search turned up nothing of the sort.

I recall seeing it in an early news article (most likely in The New York Times) — but it was a comment made en passant and it may have been removed in subsequent updates, and since I didn't make a copy of the article, I can't oblige with a legitimate quote.
(If I hadn't read it, I wouldn't have said it. I'm not in the habit of promulgating "false news".)

Not all "real news" turns out to be real in the end. crazy

After having read three articles that mentioned nothing about Microsoft having charged for the update, I was wondering whose sources were more credible.

Hmmm... I wonder if you maybe saw an incorrectly referenced mention of the fact that when Microsoft dropped support for (I think it was) XP they did offer continued support - at what I assume was a hefty fee - to major corporate/institutional users.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: WannaCry
artie505 #44617 05/16/17 03:32 PM
Joined: Aug 2009
OP Offline

Joined: Aug 2009
Originally Posted By: artie505
After having read three articles that mentioned nothing about Microsoft having charged for the update, I was wondering whose sources were more credible.

Hmmm... I wonder if you maybe saw an incorrectly referenced mention of the fact that when Microsoft dropped support for (I think it was) XP they did offer continued support - at what I assume was a hefty fee - to major corporate/institutional users.

"Worried about WannaCry attacking your legacy Windows XP business computers? Worry no more! We have a fix! For only $100 in bitcoin we will send you an executable to run on your..."


I work for the Department of Redundancy Department
Re: Wanna Cry
Virtual1 #44631 05/17/17 07:17 AM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4

Re: WannaCry
Virtual1 #44638 05/17/17 10:30 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Did you or anybody else run across anything about WannaCry being able or unable to get to a mounted volume other than the one it's infected?


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: WannaCry
artie505 #44639 05/17/17 03:22 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Originally Posted By: artie505
Did you or anybody else run across anything about WannaCry being able or unable to get to a mounted volume other than the one it's infected?

No.
The prevailing wisdom is to backup remotely (where remote seems to mean off-site) for protective/restorative purposes.
It may take a while before it or similar malware jumps into the Apple realm, but it would be good to know if a separate volume (even though physically attached to the same computer) is sufficiently "remote backup" to escape the ravages of ransomware.

Re: WannaCry
grelber #44640 05/17/17 03:36 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: grelber
...it would be good to know if a separate volume (even though physically attached to the same computer) is sufficiently "remote backup" to escape the ravages of ransomware.

I think that as far as WannaCry and other such things go, "unmounted" equals "remote".

Last edited by artie505; 05/17/17 03:54 PM. Reason: Rewrite

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: WannaCry
artie505 #44642 05/17/17 04:07 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Originally Posted By: artie505
Originally Posted By: grelber
...it would be good to know if a separate volume (even though physically attached to the same computer) is sufficiently "remote backup" to escape the ravages of ransomware.

I think that as far as WannaCry and other such things go, "unmounted" equals "remote".

Let's hope and pray so ... although tacit's chiming in here wouldn't hurt.


Moderated by  alternaut, cyn 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.030s Queries: 42 (0.023s) Memory: 0.6416 MB (Peak: 0.7535 MB) Data Comp: Zlib Server Time: 2024-03-28 20:32:45 UTC
Valid HTML 5 and Valid CSS