Community Discussion About The Effects of the "Wanna Cry" Ransomware.

Javelina
Posts: 221
Joined: Sun Oct 24, 2010 5:34 pm

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Javelina » Mon May 22, 2017 11:26 am

Here's one more ironic detail. Due to an ancient error in Win XP's pseudo-random number generator, systems still running old versions of XP are able to create a decryption key to get their files back! That isn't possible for Vista, Win 7, 8 etc. Symantec figured it out, see here hxxps://medium.com/threat-intel/wannacry-ransomware-decryption-821c7e3f0a2b
This is due to a flaw that exists in Windows XP versions SP1 and SP2, and which was patched way back in 2008 in Windows XP SP3... However, those that do still have computers running those older systems could exploit a flaw in the pseudo-random number generator (PRNG) that allows someone to predict encryption keys that would be created in the future and, crucially, reveal keys that had been generated in the past. An individual could exploit this flaw to reveal the decryption key in memory if the malware is still running, and hence free their files from the grip of WannaCry.

destinationtruth
Posts: 806
Joined: Tue May 12, 2015 7:47 pm
Location: Cherokee Nation

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by destinationtruth » Fri May 26, 2017 11:12 am

A good read from Emsisoft: _http://blog.emsisoft.com/2017/05/18/wannacry-ransomware-interview/?ref=newsbox_ticker170524&utm_source=newsbox&utm_medium=software&utm_content=ticker170524&utm_campaign=ticker170524

User avatar
Nulander
Posts: 2136
Joined: Fri Mar 26, 2010 3:09 am

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Nulander » Thu Jul 27, 2017 2:07 pm

Just my two cents: I passed on Win10, the last september, after months passed without a working AV solution on the system, due to the increasing resource-demanding solution, no more suitable for 32bit computers. The only thing I got installed was a passive Anti-exploiter tool (Malwarebytes Anti-exploit), an updated browser and an anti-ads plugin, that nowadays protects the user from malicious attacks like malwartisements. I surfed for months without any problem, checking here and there the task manager processes list, in order to ensure that always was fine (as it was). I managed to pass to Win10 for the new developement policy adopted by MS, has directed more efforts in order to make an OS slim and not heavy, like it was for the precedent versions of their products.

MS should point more about this solution, and I'm talking about the possibility to upgrade to their last released product, even for legacy and low-end systems. It's a good idea, in order to avoid problems.

User avatar
Nulander
Posts: 2136
Joined: Fri Mar 26, 2010 3:09 am

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Nulander » Thu Jul 27, 2017 2:11 pm

MS products still continue to cover a good part of the market, and their move is good. Now we will see what happend with the release of RedStone 3, for it will introduce more security layers, in order to contrast the ransomware plague spreading. I heard about the integration of EMET too (so I don't know how Malwarebytes and similar are going to fit their A-E solution, but doesn't matter). Instead, I have found that the "software SmartScreen warning" doesn't give enough informations and considering that it is a security tool checksum-based, having just a warning window that tells you not to open a file, is stupid. They should fill it with more technical informations, maybe Mutiple-AV check results (for example), to let the user get more infos to decide if launch the tool or not.

User avatar
Nulander
Posts: 2136
Joined: Fri Mar 26, 2010 3:09 am

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Nulander » Thu Jul 27, 2017 2:17 pm

<quote user="a440">
Running a machine with XP, without safeguards or knowledge is foolish.
[/quote]

Not all the people out there have the possibility to spend thousand of Euro to change a computer that is still working, just have an outdated OS. I managed to pass from XP to Win10 just because the MS internal politics have changed after the Ballmer departure (following the Win8 fiasco). Otherwise I would still writing at them moment with an XP machine, for the simply reason that for what I have to do, it works fine and is a non-sense to keep a system stuck with an non optimized OS.

Computers are not fish tanks. If they are slow and doesn't work well, they're useless. If I know that upgrading could result in this, I avoid doing so. So I remark again: good for MS to have start release products that are based on common sense and not just to harvest the user-base money.

hitbit_3
Posts: 4
Joined: Sat Aug 08, 2015 1:56 pm

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by hitbit_3 » Sat Aug 12, 2017 9:55 pm

I visit a lot of business premises. its shocking to see the huge numbers who still run the excellent but now unsupported Windows XP..
Their lax attitude to security is alarming.

Hitbit

Post Reply

Who is online

Users browsing this forum: NotBuyingIt, QuickCredit.in and 2 guests