Free Republic

Windows 7 PCs Account For 98 Percent Of All WannaCry Infections (tr)
Hot Hardware ^ | May 21, 2017 | Paul Lilly

Posted on 05/21/2017 4:05:49 PM PDT by dayglored

For a quick minute, it looked as though a strain of ransomware that was seemingly stolen from the United States National Security Agency (NSA) was going to be a major problem for PCs around the world, and in particular Windows XP systems. Microsoft even made the unusual move of releasing an emergency patch for Windows XP even though it stopped supporting the legacy OS a long time ago. But now a week after the initial WannaCry outbreak it's been discovered that Windows 7 PCs were the hardest hit.

A researcher for Kaspersky Lab posted a message on Twitter saying "the Windows XP count is insignificant," adding that Windows 7 took the brunt of the ransomware's activity. When looking at the overall infection rate, various builds of Windows 7 collectively accounted for more than 98 percent of PCs to be hit by WannaCry.

Kaspersky WannaCry Graph
Source: Kaspersky/Costin Raiu

Also referred to as WannaCrypt, WCry, and a handful of other names, WannaCry made headlines after quickly spreading to tens of thousands of PCs in dozens of countries in just a few hours. The ransomware infiltrated several hospitals in the United Kingdom, some of which had to turn down patients and send staff home because the systems they rely on (and store patient records on) had been hijacked.

WannaCry is believed to be one of several cyber tools that was previously swiped from the NSA and leaked to the web by an Italian hacking group. What made WannaCry especially nasty is that it was able to spread in a worm-like fashion across networks. However, the threat was relatively short lived.

A security researcher noticed that WannaCry was pinging a specific domain, one that was not registered. In an attempt to learn more about the ransomware, he registered the domain with the intention of observing its activity. In doing so, he inadvertently neutralized the outbreak. As it turns out, the malware's author coded in a so-called kill switch, presumably in case he ever wanted to stop it from spreading. The way it worked is WannaCry would check to see if a specific domain was active before getting busy encrypting an infected system. If it determined the domain was active, it would stop what it was doing.

According to Elliptic, WannaCry has only collected a little more than $100,000 in Bitcoin. While not exactly chump change, it had the potential to collect much more, except for a combination of the discovery of the kill switch, owners of infected PCs opting to wipe their system clean, and the presence of a tool on GitHub that can help people recover data on infected systems.


TOPICS: Business/Economy; Computers/Internet; Hobbies
KEYWORDS: microsoft; ransomware; wannacry; windows; windows7; windowspinglist
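
The kill-switch check the article describes leaves a trace defenders can use: a host that looks up the kill-switch domain has run the malware, and the answer it got indicates whether that run stopped or carried on. The triage sketch below is an added example, not part of the article or of any post in this thread. The log format, the IP addresses and the placeholder domain `killswitch.example.invalid` are constructed, and it assumes a successful DNS answer stands in for the domain being "active".

```python
import re
from collections import defaultdict

# Placeholder only: the article does not name the domain. Substitute the
# indicator published by your own threat-intelligence source.
KILL_SWITCH_DOMAIN = "killswitch.example.invalid"

# Assumed log format (constructed): "<timestamp> client=<ip> query=<name> rcode=<code>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+client=(?P<client>\S+)\s+"
    r"query=(?P<qname>\S+)\s+rcode=(?P<rcode>\S+)$"
)


def normalize(qname):
    """DNS names are case-insensitive and may end with the root dot."""
    return qname.rstrip(".").lower()


def triage(log_lines, domain=KILL_SWITCH_DOMAIN):
    """Map each client that looked up the kill-switch domain to a status.

    Any lookup at all means the host ran the malware. The answer decides urgency:
      kill_switch_missed - at least one lookup failed, so that run would
                           have gone on to encrypt; isolate this host first.
      kill_switch_hit    - every lookup resolved, so each run should have
                           stopped; the host still needs cleaning and patching.
    """
    target = normalize(domain)
    answers = defaultdict(list)
    for line in log_lines:
        match = LINE_RE.match(line.strip())
        if match is None:
            continue  # malformed or truncated line: skip, do not crash
        if normalize(match["qname"]) == target:
            answers[match["client"]].append(match["rcode"].upper())
    return {
        client: "kill_switch_hit"
        if all(rc == "NOERROR" for rc in rcodes)
        else "kill_switch_missed"
        for client, rcodes in answers.items()
    }


# Constructed sample resolver log, not real traffic.
SAMPLE_LOG = [
    "2017-05-12T08:14:02Z client=10.0.4.17 query=killswitch.example.invalid rcode=NXDOMAIN",
    "2017-05-12T15:40:11Z client=10.0.9.3 query=KILLSWITCH.EXAMPLE.INVALID. rcode=NOERROR",
    "2017-05-12T15:41:55Z client=10.0.2.8 query=www.example.com rcode=NOERROR",
    "2017-05-12T14:02:30Z client=10.0.5.5 query=killswitch.example.invalid rcode=servfail",
    "2017-05-12T16:05:09Z client=10.0.5.5 query=killswitch.example.invalid rcode=NOERROR",
    "corrupted line without fields",
]

if __name__ == "__main__":
    for client, status in sorted(triage(SAMPLE_LOG).items()):
        print(client, status)
```

A host reported as `kill_switch_hit` is still infected; the status only orders the isolation queue.
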
To: thoughtomator
> Can’t count how many times I went into a situation to do one simple and routine thing, and then had to fix an entire environment because that one thing sent an unstable situation over the edge.

Of course. We've all been there, plenty of times. That situation hardly is restricted to software updates, as you must know.

> The situation described above is not hypothetical or theoretical, it is an actual situation I have encountered multiple times doing IT support over the years.

I never said the problem is "hypothetical or theoretical". You're setting up straw men.

Sure the problem exists, with ANY update to ANY operating system or application. I've encountered more than my share as well. So what? Are you claiming that users are unaware that all software has flaws and can misbehave? In 2017, really?

I defend my assertion that the best general advice is to install the updates, on the basis that the number of cases where they create serious trouble for the user (on the order of "won't boot") are very small compared to the number of cases where they prevent trouble for the user (on the order of "oh god I'm infected / my files are encrypted / etc.").

If you would have preferred to see a reminder to the effect of "... and before you install new updates, be sure to back up your computer", fine. I've stated that numerous times in the past in similar situations. I didn't do so this time, so I'll offer a mea culpa for that omission.

But the advice still stands. For the vast majority of Windows users, the good done by the security patches and stability fixes far outweighs the small danger of locking up the machine, and if the user has taken even the most rudimentary precautions -- which they should be doing anyway -- recovery is not too bad.

Personally I prefer VMs for this very reason. "Recovery" is a file copy, done. And if it's a really big filesystem, I partition off 100-150GB for the OS, and make a separate large data partition, so the system "disk" can be restored more quickly by itself.

> One simply cannot make a responsible recommendation for any particular case without knowing the whole of the situation.

Oh come on, of course one can, as a general recommendation, applied by the user to their own particular cases. And one is forced to do so "without knowing the whole of the situation", since one cannot possibly know the details of every user's individual circumstances.

Seriously, what do you recommend instead? Don't just keep criticizing me -- propose what someone on Free Republic (or any internet forum) posting articles regarding the largest ever ransomware outbreak, should tell their fellow FReepers, to help them stay out of trouble?

41 posted on 05/22/2017 9:50:41 AM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 40 | View Replies]

To: 867V309; dayglored

> And yet, you never acknowledge any of the spycraft evil going on at microsuck.

Quite to the contrary. Many of the articles dayglowred has pinged in the past have concerned exactly that.

I think he's doing a pretty good job of using a pretty even hand on the articles. After all, most are posted by other folks. He just runs the ping list. In fact he does a much better job than I could because I personally think that MS is one of the greatest evils on the planet and the company has personally cost me more of my precious time in hair-pulling aggravation than any other that I can think of.

Unlike dayglowred, I'm pretty much a Linux guy. I respect what Apple has done with OSX, but have spent a grand total of probably about 3 hours actually using OSX, and that was mostly to attempt to recover data from my dear departed wife's Macbook so I could repurpose it to my mother in law.

I'm on the windows pinglist, not because I'm a user, but rather because those things that threaten Microsoft users tend to ultimately affect those of us who use superior operating systems, whether we want it to or not.

42 posted on 05/22/2017 10:03:46 AM PDT by zeugma (The Brownshirts have taken over American Universities.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: dayglored

> Seriously, what do you recommend instead?

1) use an ad blocker and a script blocker when using the web
2) don’t open attachments from people you don’t know
3) stay away from porn sites

The same old rules that kept smart users safe on the web for the past 20 years are still good today.


43 posted on 05/22/2017 10:18:18 AM PDT by thoughtomator
[ Post Reply | Private Reply | To 41 | View Replies]

To: zeugma; 867V309
Thank you for the kind words. :-)

> Unlike dayglowred, I'm pretty much a Linux guy.

Actually, I'm overall more of an *IX guy than anything else, with a slight preference for BSD, and work very happily in Linux (Ubuntu and CentOS mostly) all day long.

My current preference for OS X as my home "on the metal" base OS is that it allows me to run EVERYTHING else in VMs if I wish. If I had any other hardware, I wouldn't be able to run OS X when I need to, and I find Apple hardware quite reliable and long-lasting.

The drawback of using OS X is, of course, that it's a walled garden -- you do things Apple's way, or the highway. But I mainly use OS X for mail, browsing, iTunes to manage device content, and to host all my various VMs, so it doesn't get in my way at all. Time Machine is a great, painless backup program.

Having VMs of everything gives me the widest possible OS and application palette, and being largely OS-agnostic by nature, that works best for me.

As with so much else in computing, YMMV...

44 posted on 05/22/2017 10:23:45 AM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 42 | View Replies]

To: thoughtomator
> The same old rules that kept smart users safe on the web for the past 20 years are still good today.

Those are excellent rules; I have used them myself to good effect. And in my comments over the past years here, you'll see that I've recommended those rules, especially to those folks who prefer to not install updates. There's no law saying you have to do anything regarding updates, but prudence dictates caution if one chooses to operate with compromised security.

The larger issue is that a ton of Windows users:

What do you propose for them? Throw them to the wolves?

45 posted on 05/22/2017 10:33:46 AM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 43 | View Replies]

To: dayglored

you can’t cure stupid, but you can make backups


46 posted on 05/22/2017 10:35:32 AM PDT by thoughtomator
[ Post Reply | Private Reply | To 45 | View Replies]

To: thoughtomator

Agreed.


47 posted on 05/22/2017 10:45:15 AM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 46 | View Replies]

To: dayglored
Thanks for the clarification. I guess I kinda oversimplified in my post.

> Having VMs of everything gives me the widest possible OS and application palette, and being largely OS-agnostic by nature, that works best for me.

While the following doesn't directly speak to that, I thought you might be interested...

I do a lot of stuff with DNS these days. My main job is supporting the DNS infrastructure at a company that has deployed Bluecat DNS appliances. Recently we finally got permission to finally purchase some VMs of the appliances so I could build a local virtual lab.

OMG, it's so sweet to finally be able to actually really mess with the appliances without having to worry about toasting a production environment. Right now, I've got 4 appliances (1 admin/database, and 3 DNS servers) running under vmware set up in a little segregated LAN segment. Thankfully, I've got tons of ram on my main workstation. I've been able to set up all my home-grown support scripts to make this little environment almost perfectly mirror what I have deployed into the field. It's pretty cool kicking off a script to run twenty to thirty thousand queries that represent just about every record we have deployed and see that run in just a few minutes. Given network delays and whatnot, doing the same in my production environment takes quite a bit longer than what is essentially local queries, as all the network connectivity is just bouncing around the same box.

When I first started using vmware, I was of the opinion that it is the greatest thing since sliced bread. I've come to qualify that a bit, as we have seen some pretty serious issues in production ESX environments that require really low latency (think network appliances for example), but for lab work, there really is no comparison. It's even better than a physical lab IMO, as I can toast and restore a VM faster than I ever could a physical box.

48 posted on 05/22/2017 11:00:38 AM PDT by zeugma (The Brownshirts have taken over American Universities.)
[ Post Reply | Private Reply | To 44 | View Replies]

To: dayglored
I have tried installing Linux twice the last 5 years. The 'checksum' number was correct after I checked both times. Why do you have to verify a checksum?

Anyway, install always hangs near the end for one install, hangs after desktop is installed on the other.

I own my own small IT company. I flash ASUS routers with linux ddwrt firmware. I have done desktop support since windows 95. (former IBM MVS JES2/3 technical support)

I am sick of Microsoft. If I am having a tricky time getting Linux up and going on a Microsoft device, what about those who have very little computing experience?

49 posted on 05/22/2017 11:04:26 AM PDT by deadrock (I is someone else.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: thoughtomator
> you can’t cure stupid, but you can make backups

Indeed.

I figure those who do not make backups get what is coming to them when the inevitable hardware failure occurs.

My worst case scenario is a fire at my house. In that case, at most I'll lose up to a month's worth of data, as I swap out my offsite backup to my safe deposit box at the bank about that often. I can live with that though, as it is much better than losing everything.

50 posted on 05/22/2017 11:21:24 AM PDT by zeugma (The Brownshirts have taken over American Universities.)
[ Post Reply | Private Reply | To 46 | View Replies]

To: OldMissileer
> From what I read quite some time ago they rolled up their updates and included all the key logging and spyware from Win10 into the update packages for Win7. I have basically stopped my updates and just tread lightly surfing the Internet.

Yeah, I had read that as well, and was actually thinking of that too when I posted but forgot to include it. That's been my policy as well. I guess I'm less afraid of the [other] hackers than I am of Microsnot.

51 posted on 05/22/2017 11:34:42 AM PDT by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 20 | View Replies]

To: dayglored
> My personal hope is that that someday, Microsoft chucks out the albatross of the NT codebase and migrates their systems to something that is intrinsically more secure and stable by design. Hell, they could do what Apple did, use UNIX as the base and run their GUI and userland stuff on it. Windows could make a quantum leap that way, IMO.

Unfortunately, if they do, the primary motivation will be to build in even more (and more intrusive) spyware and malware, and getting that to work will be Job 1. If they do happen to improve the architecture from a security (from others than them and the NSA) standpoint, it would be only an afterthought with minimal quality control (and may even be impossible to do well as it might then pose difficulties for their own spyware).

52 posted on 05/22/2017 11:41:06 AM PDT by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 24 | View Replies]

To: 867V309; dayglored
You could have fooled me.

I'm anything but a MS fanboi/gurl, though I use their products in certain scenarios, and I've always found dayglored's posts interesting, informative, and definitely not propaganda.

53 posted on 05/22/2017 11:44:45 AM PDT by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 27 | View Replies]

To: dayglored
> My current preference for OS X as my home "on the metal" base OS is that it allows me to run EVERYTHING else in VMs if I wish. If I had any other hardware, I wouldn't be able to run OS X when I need to, and I find Apple hardware quite reliable and long-lasting.

Which annoys me on principle. Apple strong-arms VMWare and the other VM guys into not allowing OSX to virtualize on other environments and they end up benefiting from it, as in your case, when I would have preferred that to come out as a loss for them. This annoys me (plus I don't really like having to use their UI on the host).

54 posted on 05/22/2017 11:53:21 AM PDT by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 44 | View Replies]

To: Still Thinking
Yeah, given my druthers, I'd run the VM host software (I happen to like VMware) on Linux, and virtualize OS X along with everything else. But I'm not highly motivated to acquire another hobby (i.e. supporting a Hackintosh VM). Easier to deal with the overly-friendly and somewhat restrictive OS X GUI.

At work my workstation is CentOS, and I use Xen as my VM host software, which is great because I can do all the VM client management from the command line, and thus manage things remotely (e.g. over VPN) with just a terminal.

55 posted on 05/22/2017 12:59:13 PM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 54 | View Replies]

To: Still Thinking
> ...I've always found dayglored's posts interesting, informative, and definitely not propaganda.

Thank you for those kind words. :-)

Best FRegards,
Dayglored

56 posted on 05/22/2017 1:01:54 PM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 53 | View Replies]

To: dayglored
> Yeah, given my druthers, I'd run the VM host software (I happen to like VMware) on Linux, and virtualize OS X along with everything else.

I'm in the Recovering-Win-Migrating-to-Linux phase of grief, but philosophically, that would be my choice as well if it were available. Fortunately, I don't have to do anything in OSX, so it's moot for me. Windows and Linux play reasonably nice together.

57 posted on 05/22/2017 1:45:30 PM PDT by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 55 | View Replies]

To: Still Thinking
>> My personal hope is that that someday, Microsoft chucks out the albatross of the NT codebase ...

> Unfortunately, if they do, the primary motivation will be to build in even more (and more intrusive) spyware and malware...

Well, I'm sure they'd migrate their nasty stuff to the new base structure, but I can't imagine it would be much more or less intrusive than what they're doing and plan to do with the NT codebase. So I don't see it as a downside, just more of the same, and maybe easier to build because they could design it in instead of bolt it on. But that's just my guess.

Larger picture: I don't think that Microsoft is intrinsically any better or worse than Google, Facebook, or other agencies that get hold of your personal information and use it to generate marketing data to sell or use themselves. I don't like how much these agencies know about my purchases, browsing history, downloads, etc. Microsoft is easy to pick on because they provide the platform most people use. I choose to use Linux or Mac for most things, and use Windows for those Windows-only programs I need to run.

> I'm in the Recovering-Win-Migrating-to-Linux phase of grief, but philosophically, that would be my choice as well if it were available. Fortunately, I don't have to do anything in OSX, so it's moot for me. Windows and Linux play reasonably nice together.

Yeah, I get that. My work life is cluttered -- here a Linux box with a VM of Windows, there a Windows box with a VM of Linux, yonder a box with a VM of itself, for software testing that might destroy the installed system... servers with VMware ESX and clients of Solaris UNIX, FreeBSD, Windows, and Linux, all on the same piece of hardware... I could not function these days without VMs that allow multiple environments in a single piece of hardware.

The dirty secret is: It's also really a great deal of fun, and in nearly every instance, beats hell out of dual/multi-booting.

Sorry to hear about the grief, but I predict it will get better, and sooner rather than later. :-)

58 posted on 05/22/2017 2:16:48 PM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 52 | View Replies]

To: dayglored
> Well, I'm sure they'd migrate their nasty stuff to the new base structure, but I can't imagine it would be much more or less intrusive than what they're doing and plan to do with the NT codebase. So I don't see it as a downside, just more of the same, and maybe easier to build because they could design it in instead of bolt it on. But that's just my guess.

Agreed, but my point being that I don't hold out too much hope for improved security arising from new code bases because the priorities and funding for such a huge undertaking would arise from elsewhere.

> Larger picture: I don't think that Microsoft is intrinsically any better or worse than Google, Facebook, or other agencies that get hold of your personal information and use it to generate marketing data to sell or use themselves. I don't like how much these agencies know about my purchases, browsing history, downloads, etc. Microsoft is easy to pick on because they provide the platform most people use. I choose to use Linux or Mac for most things, and use Windows for those Windows-only programs I need to run.

Agree. The only reason I'm singling out MS in my comment here is that they're the topic. I'd be saying the same of Google or FB (except that as an OS, MS I think bears more responsibility, and is therefore more culpable, but certainly no worse in the behavior than the others)

> Sorry to hear about the grief, but I predict it will get better, and sooner rather than later. :-)

That was just for humor purposes. I'm actually having fun with it too, and learning.

59 posted on 05/22/2017 2:43:49 PM PDT by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 58 | View Replies]

To: dayglored

My son tweaked my W7 for me so that I don’t get the W10 nags and I can still get any updates that come along. I think my Malwarebytes might have caught the wannacry. It froze up my computer a couple of days before that came out and put a note on the screen to shut it down after doing a particular procedure that shut down background stuff I wasn’t even aware was running then said for me to leave it off until 0600, about 7 hours later. I did it like that and it is running a lot faster since. I really don’t know what that was all about and am just guessing because of the timing.


60 posted on 05/22/2017 4:44:56 PM PDT by arthurus
[ Post Reply | Private Reply | To 23 | View Replies]

