Massive ransomware attack

I saw this How to protect yourself from the massive ransomware attack CNN News and my immediate comment on how to prevent such an attack in the future was to replace Windows OS with Linux OS.

habibie Wrote:
-------------------------------------------------------
> I saw this [url=http://money.cnn.com/2017/05/13/te
> chnology/ransomware-attack-protect-yourself/index.
> html]How to protect yourself from the massive rans
> omware attack[/url] CNN News and my immediate comm
> ent on how to prevent such an attack in the future
> was to [b]replace[/b] Windows OS with Linux OS.

Supposedly this attack used tools leaked or stolen from the NSA, and there's likely more out there in the wild.

Think about it though, you can have several Windows machines on a LAN and seal it from the outside world. The whole problem here is laziness, pure and simple (unless you're the administrator of a hospital where it has to be online).

In my case I have backup images for all my machines spread out over a few of them, and never are all of those computers on at the same time, use Ghostery and Avast (* tweaked right), and I haven't had a problem in years.

Ghostery is a must, me thinks. It's a browser extension that shows you who is tracking you, and it blocks them. It's insane when you see how many entities are tracking you, and deduce what they know about people.

Ultimately one of these days the lights are going to go out.

=========
-= Cloud 9 =-

Hey, for $10.69 a 22 year-old sinkholed it! The truth is stranger than fiction.

=========
-= Cloud 9 =-



Edited 1 time(s). Last edit at 05/13/2017 07:04PM by JoeyPogoPlugE02.

JoeyPogoPlugE02 Wrote:
-------------------------------------------------------
> habibie Wrote:
> --------------------------------------------------
> -----
> > I saw this How to protect yourself from the massive ransomware attack CNN News and my immediate comment on how to prevent such an attack in the future was to replace Windows OS with Linux OS.
>
> Supposedly this attack used tools leaked or stolen from the NSA, and there's likely more out there in the wild.
>
Exactly.

> Think about it though, you can have several Windows machines on a LAN and seal it from the outside world. The whole problem here is laziness, pure and simple (unless you're the administrator of a hospital where it has to be online).
>
As long as your LAN has no WiFi and/or Internet connection, the only way to hack your computers connected to such a LAN is to physically access the computers. For a multi-users and/or multi-tasking computer, i.e. Linux, Mac, or Windows, the least cost and most efficient protection is a non-privilege user account, AFAICT. The problem is majority people who don't know anything about a privilege account (root, superuser, or Administrator) operate their computers on a daily basis with a superuser account. To make it worst, they like to click anything when surfing Internet and/or reading their e-mails, probably like John Podesta (Hillary Clinton’s campaign chief). People like this also have some mental blocks thinking their anti-virus software will protect their computers. Well, an anti-virus software will only protect a computer from any existing and not from new attacks.

> In my case I have backup images for all my machines spread out over a few of them, and never are all of those computers on at the same time, use Ghostery and Avast (* tweaked right), and I haven't had a problem in years.
>
I only keep a copy of my important data in some compressed tar files and never perform a back up for my Linux desktop OS. Worse comes to worst, I will just simply reinstall the OS.

> Ghostery is a must, me thinks. It's a browser extension that shows you who is tracking you, and it blocks them. It's insane when you see how many entities are tracking you, and deduce what they know about people.
>
Yes and I have it installed on both my Chromium and Google Chrome web browser.

For what it's worth, I know this isn't a Window site, but because the whole world is getting hammered by this mischievous worm and we all know Windows users, this site is where to get the patches for Windows, many versions. I've patched two computers, and all you need to know is, in Control Panel > Administrative Tools > Services, two items need to be running or not disabled, and they are Windows Defender and Windows Updates. You can still cut Internet connection if it's a questionable install for Windows (I've seen a few things in my repair life) and it'll be fine, just reverse when you're rebooted.

So I've got x86 and x64 on USB stick for emergency patching.

=========
-= Cloud 9 =-



Edited 1 time(s). Last edit at 05/14/2017 10:55PM by JoeyPogoPlugE02.

JoeyPogoPlugE02 Wrote:
-------------------------------------------------------
> Hey, for https://www.washingtonpost.com/news/
> worldviews/wp/2017/05/13/a-british-researcher-says
> -he-found-a-kill-switch-for-the-malware-crippling-
> computers-worldwide/]$10.69 a 22 year-old sinkhole
> d it! The truth is stranger than fiction.

The researcher thought it was a flaw. But IMO it might be an intentonal killswicth.

-bodhi
===========================
Forum Wiki
bodhi's corner (buy bodhi a beer)

I find this amazing that all of these flaws exist. I truly believe it is all baked in just for those three letter agencies.

I have not run a virus program for about 10 years now and have never had a problem along these lines. The only browser plug-ins I have are noscript and https everywhere. I would attribute my luck as it would seem to noscript which blocks everything from a website unless you specifically allow it to run. I watch free movies on some doddgy(sp) sites and have found the minimum scripts needed to see what I want while blocking all else. There have been so many viruses that get around virus programs that I believe they have outlived their use without some serious reworking.

Until companies are held fiscally liable for security breaches and security flaws I don't believe it will get any better.
Putting the onus on people to secure their devices is ridiculous. It would be like telling the average person they need to build their own nuclear reactor for power now as the power grid is going away. I mean to have devices still running telnet by default is insane and as neglectful as it gets.

Another part of the problem is all of these bots scanning for ports on the net. When I set up ssh access to my home system I was horrified in how fast I was discovered and then at how often I was probed to try and to gain access. Fail2ban was crucial to stopping all but the very persistent for me but the ISP's or higher internet gods need to do something to drop the attempts from these ip's.

Most of these tech companies make more money than all but the top countries and it is time to start fining them heavily based on the severity of the problems that arise and use that money on securing the net and software.

To me all of these people who find and use these exploits are hero's and need to be funded and are entitled to every dollar they steal. They are working hard to find these problems and it helps make things safer and more secure for us when made public or discovered. Going after them to prosecute them is just proof to me that the big companies and governments want these exploits in place to spy on us.

Well better get back to relining my foil hat.

This is real easy to patch yourself too. Since the problem is Windows Server Messaging Block (SMB) protocol version 1, on any Windows machine you can:

"Type Turn Windows features into the Start Menu and click the entry for Turn Windows features on or off.
Scroll down to SMB 1.0/CIFS File Sharing Support and uncheck the box.
Give Windows a moment to apply the changes, then you’ll have to restart your computer to complete the action.
Once that’s done, you’ve disabled the awful, insecure protocol from running on your computer.

Source:

=========
-= Cloud 9 =-

This isn't really a fix, the code could easily be modified to turn a service on at next boot, besides turning off a networking service preventing printing and or file sharing makes the network useless.

@ feas I posted late and agree these things (vulnerabilities) are certainly baked in, for three-letter agencies. But, whatta ya do?
I'm not concerned about governments getting into my stuff so much as neighborhood punks LOL So my security is set to anti-punk.

=========
-= Cloud 9 =-

JoeyPogoPlugE02 Wrote:
-------------------------------------------------------
> @ feas I posted late and agree these things (vulne
> rabilities) are certainly baked in, for three-lett
> er agencies. But, whatta ya do?

Write letters to representatives that the government needs to held accountable for not disclosing/fixing discovered vulnerabilities and that the companies responsible be fined for them enough for them to protectively fix as the cheaper option. Also don't buy into this it's to fight terrorism B.S. they have been shoving down our throats to take rights away from us.

> I'm not concerned about governments getting into m
> y stuff

Thats a shame. I firmly believe in proper probable cause to even think about looking my (or anyone else for that matter) way.
I have nothing to hide thinking is part of what got us to this surveillance state. Several years ago I use to work for an engineering company in Virginia doing survey work and the amount of new data centers in the area raised the hairs on the back of my neck back then.

so much as neighborhood punks LOL So my se
> curity is set to anti-punk.

Thats the best 99.9% of us can do and I consider myself better than the average computer user. Most people are like my brother-in law who calls me to ask how to print a file he saved from facebook and doesn't know where it is.

here we go again.

https://www.nomotion.net/blog/sharknatto/