Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.
posted by n1 on Monday May 15 2017, @12:43AM   Printer-friendly
from the mouse-and-cat dept.

[Update at 20170515_022452 UTC: Instructions for what to do on each affected version of Windows can be found at: https://www.askwoody.com/2017/how-to-make-sure-you-wont-get-hit-by-wannacrywannacrypt/ -- I've had excellent luck in the past following his advice on when and how to update Windows. Clear, hands-on instructions are a big win in my book. --martyb]

Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS.

tl;dr: If you have not already patched your Windows computer(s), you may be at risk from a new variant of the WannaCrypt ransomware worm which lacks a kill switch and was seen over the weekend. Sysadmins are preparing for a busy Monday when countless other users return to work and boot up their PC.

WannaCrypt (aka WCry), is a ransomware worm that wreaked havoc across the internet this past weekend. It disabled Windows computers at hospitals, telecoms, FedEx, and banks (among many others). Files on user's machines were encrypted and the worm demanded $300 or $600 worth of Bitcoin to decrypt (depending on how quickly you responded). Reports first surfaced Friday night and were stopped only because a researcher discovered a domain name in the code, which when registered, caused the malware to stop infecting new machines.

We're not out of the woods on this one. Not surprisingly, a variant has been seen in the wild over the weekend which has removed the domain check. Just because you may not have been hit in the initial wave of attacks does not necessarily mean you are immune.

Back in March, Microsoft released updates to Windows to patch vaguely-described vulnerabilities. Approximately one month later, a dump of purported NSA (National Security Agency) hacking tools were posted to the web. The WannaCrypt ransomware appears to be based on one of those tools. Surprisingly, the Microsoft patches blocked the vulnerability that was employed by WannaCrypt.

In a surprising move, Microsoft has just released emergency patches for out-of-mainstream-support versions of Windows (XP, 8, and Server 2003) to address this vulnerability.

Sources: Our previous coverage linked above as well as reports from the BBC Ransomware cyber-attack threat escalating - Europol, Motherboard Round Two: WannaCrypt Ransomware That Struck the Globe Is Back, and Ars Technica WCry is so mean Microsoft issues patch for 3 unsupported Windows versions.

What actions, if any, have you taken to protect your Windows machine(s) from this threat? How up-to-date are your backups? Have you tested them? If you are a sysadmin, how concerned are you about what you will be facing at work on Monday?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 2) by MichaelDavidCrawford on Monday May 15 2017, @12:55AM (11 children)

    this is a common problem: when I tell windows update to do its thing, it says "Checking for Updates" then never finishes checking.

    I've tried several of the reported workarounds.

    I figure I'll have to reinstall windows anyway, so I'll just wait until some manner of ransomware 0wnz0r5 me.

    --
    Yes I Have No Bananas. [gofundme.com]
    • (Score: 3, Informative) by butthurt on Monday May 15 2017, @01:18AM (5 children)

      by butthurt (6141) on Monday May 15 2017, @01:18AM (#509668) Journal

      Back in the days of Windows XP, it used to be possible to run Microsoft Baseline Security Analyzer, get from that a list of missing patches, then download and install them (most came in the form of self-installing executables) without running Windows Update.

      In November 2013 MBSA 2.3 was released. This release adds support for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. Windows 2000 will no longer be supported [...]

      -- https://en.wikipedia.org/wiki/Microsoft_Baseline_Security_Analyzer [wikipedia.org]

      Did you try WSUS Offline Update?

      Using WSUS Offline Update, you can update any computer running Microsoft Windows safely, quickly and without an Internet connection.

      -- http://www.wsusoffline.net/ [wsusoffline.net]

      • (Score: 2) by acharax on Monday May 15 2017, @04:44AM (4 children)

        by acharax (4264) on Monday May 15 2017, @04:44AM (#509765)

        I second WSUS Offline. It might be a bit clunky but it works.

        • (Score: 1) by butthurt on Monday May 15 2017, @06:15AM

          by butthurt (6141) on Monday May 15 2017, @06:15AM (#509806) Journal

          Thanks for weighing in. I don't have any actual experience with that myself.

        • (Score: 2) by TheB on Monday May 15 2017, @11:50AM (2 children)

          by TheB (1538) on Monday May 15 2017, @11:50AM (#509948)

          After a failed update corrupted parts of my win 7 install, it was WSUS Offline that finally saved it.
          If anyone is having troubles with Windows Update they should definitely give WSUS Offline a try.
          Windows Update works again after WSUS fixed the system.

          • (Score: 2) by kaszz on Monday May 15 2017, @10:12PM (1 child)

            by kaszz (4211) on Monday May 15 2017, @10:12PM (#510252) Journal

            How did you get the files and bootmedia for WSUS if the system was corrupted?

            • (Score: 2) by TheB on Tuesday May 16 2017, @08:23PM

              by TheB (1538) on Tuesday May 16 2017, @08:23PM (#510725)

              The OS still ran.

              Windows Update had crashed the system during an update, leaving corrupted files in the WU cash, missing files in "C:\Windows\Servicing\", garbled DISM log, and left bugs in the registry.
              The system was otherwise stable.

    • (Score: 0) by Anonymous Coward on Monday May 15 2017, @01:36AM

      by Anonymous Coward on Monday May 15 2017, @01:36AM (#509674)

      It's probably because there are so many updates that have been installed. I had the same problem for the first one of these stupid monthly security updates. I had to use WSUS offline update to install enough of the patches that the official installer would work.

    • (Score: 2) by physicsmajor on Monday May 15 2017, @02:08AM

      by physicsmajor (1471) on Monday May 15 2017, @02:08AM (#509688)

      There are standalone installers for this patch. You only need the Windows Update service running, and only while the patch is being installed - you can disable it afterward, before restarting.

    • (Score: 1) by toddestan on Monday May 15 2017, @03:13AM (1 child)

      by toddestan (4982) on Monday May 15 2017, @03:13AM (#509731)

      If you've got Windows 7, reinstalling won't help you. You'll be OK to SP1, and then it'll be an endless update check after that.

      It's not actually endless though, it will generally finish after a day or two if you just let it sit and keep running.

      • (Score: 2) by tynin on Monday May 15 2017, @03:58PM

        by tynin (2013) on Monday May 15 2017, @03:58PM (#510077) Journal

        I've found the process to be very RAM intensive as it catalogs and checks what version of everything you are running so it can give you the correct patch list. The more RAM you have, the faster it'll finish, otherwise the list it creates has to keep spilling to disk, then read back in later, etc etc. After nearly a week, I was able to get an older computer with 2GB of RAM to finish patching, but I'll never go through that again. The computer was my Grandma's and I've successfully got her running on a Raspi 3b running Raspian with MATE, with a nice 27" monitor running in 720p so the fonts are nice and big for her. She has been using it for nearly a year and is quite happy with it.

    • (Score: 0) by Anonymous Coward on Monday May 15 2017, @03:48AM

      by Anonymous Coward on Monday May 15 2017, @03:48AM (#509747)

      http://download.wsusoffline.net/ [wsusoffline.net]

      Waiting for Windows Update to function is a waste of time.

  • (Score: 3, Interesting) by butthurt on Monday May 15 2017, @01:28AM (5 children)

    by butthurt (6141) on Monday May 15 2017, @01:28AM (#509670) Journal

    What does it say about the NSA, if [a] lone security researcher finds and activates a kill switch before they do?

    -- divec

    • (Score: 1, Insightful) by Anonymous Coward on Monday May 15 2017, @01:34AM

      by Anonymous Coward on Monday May 15 2017, @01:34AM (#509673)

      What does it say about the NSA, if [a] lone security researcher finds and activates a kill switch before they do?

      Hmm ... you know, that guy sure sounds like he had some inside information. I bet he's guilty ... let's hack into his system.

    • (Score: 2) by Dunbal on Monday May 15 2017, @03:45AM (3 children)

      by Dunbal (3515) on Monday May 15 2017, @03:45AM (#509744)

      Why would the NSA shut down its own back-door?

      • (Score: 2) by frojack on Monday May 15 2017, @04:27AM (1 child)

        by frojack (1554) on Monday May 15 2017, @04:27AM (#509758) Journal

        Maybe they put in that back door in case THIS VERY THING happened?

        --
        No, you are mistaken. I've always had this sig.
        • (Score: 3, Insightful) by Dunbal on Monday May 15 2017, @05:07AM

          by Dunbal (3515) on Monday May 15 2017, @05:07AM (#509776)

          Nahh. It's must easier just to blame Russia, and then wait until Microsoft issues a "patch" with a new undocumented backdoor and they're in business again.

      • (Score: 4, Interesting) by butthurt on Monday May 15 2017, @05:35AM

        by butthurt (6141) on Monday May 15 2017, @05:35AM (#509786) Journal

        I hear a sussuration, as though a joke were passing high overhead. I shall ignore it.

        The "kill switch," I gather, refers to a feature of the ransomware:

        [...] a researcher discovered a domain name in the code, which when registered, caused the malware to stop infecting new machines.

        As I understand it, the ransomware was not entirely coded by the NSA. I'm unsure, but it may even be true that no NSA code was included directly: that the ransomware authors used information about vulnerabilities in Windows. That information came from the Shadow Brokers, who say it originally came from the NSA; the NSA has not confirmed that. Hence the "kill switch" wasn't necessarily the NSA's creation.

        If it isn't obvious, what the Slashdot commenter seems to have meant is that the NSA is charged with advancing information security and has immense resources and expertise. The implication is that they should have registered gwea.com and used it to (temporarily) halt the spread of the malware. Instead that was done by a private person:

        http://www.thedailybeast.com/articles/2017/05/12/stolen-nsa-tech-shuts-down-hospitals [thedailybeast.com]

        In March, Microsoft issued patches for three of the vulnerabilities that were later disclosed by the Shadow Brokers. Microsoft didn't credit anyone for disclosing those bugs. There's been speculation that the NSA informed Microsoft about them. If that happened, it could be described as closing their own backdoor.

  • (Score: 1, Funny) by Anonymous Coward on Monday May 15 2017, @01:28AM (4 children)

    by Anonymous Coward on Monday May 15 2017, @01:28AM (#509671)

    I've hired a man with a backhoe to dig a hole in the backyard, and tomorrow morning we'll drop all the Windows machines in there. This is not the same side of the yard where I've hidden all the bodies, so I won't have to kill the backhoe operator.

    • (Score: -1, Redundant) by Anonymous Coward on Monday May 15 2017, @01:48AM (2 children)

      by Anonymous Coward on Monday May 15 2017, @01:48AM (#509676)

      For completeness you should rape the backhoe operator to death.

      • (Score: 0) by Anonymous Coward on Monday May 15 2017, @01:58AM (1 child)

        by Anonymous Coward on Monday May 15 2017, @01:58AM (#509682)

        In his back hole.

        • (Score: 0) by Anonymous Coward on Monday May 15 2017, @08:21AM

          by Anonymous Coward on Monday May 15 2017, @08:21AM (#509844)

          With his backhoe.

    • (Score: 2) by Dunbal on Monday May 15 2017, @03:48AM

      by Dunbal (3515) on Monday May 15 2017, @03:48AM (#509746)

      Is that the side of the yard you didn't dig before because of the gas lines? Good luck. Here, take this kerosene lamp with you I'm all out of batteries for my flash light.

  • (Score: 0) by Anonymous Coward on Monday May 15 2017, @01:50AM

    by Anonymous Coward on Monday May 15 2017, @01:50AM (#509677)

    I disabled SMB1 (client+server) just in case.

  • (Score: 2) by Appalbarry on Monday May 15 2017, @01:51AM (3 children)

    by Appalbarry (66) on Monday May 15 2017, @01:51AM (#509678) Journal

    I tend to assume that, even with updates auto-installing, the one Windows 10 machine in the house is vulnerable. I opt for regular backups, with yesterday being the most recent.

    Expect the worst, and act accordingly.

    (I blithely, and no doubt eventually foolishly, continue to assume that my Linux boxes will not have problems like this.)
    (And assume that my Android phone is total loss security-wise)

    • (Score: 2) by HiThere on Monday May 15 2017, @03:29PM (2 children)

      by HiThere (866) Subscriber Badge on Monday May 15 2017, @03:29PM (#510058) Journal

      How long do you keep your backups? You won't necessarily notice files being encrypted until you try to use them.

      --
      Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
      • (Score: 2) by Appalbarry on Tuesday May 16 2017, @01:12AM

        by Appalbarry (66) on Tuesday May 16 2017, @01:12AM (#510321) Journal

        That had actually occurred to me. I did check the backup and they are still readable.

      • (Score: 3, Interesting) by edIII on Tuesday May 16 2017, @02:25AM

        by edIII (791) on Tuesday May 16 2017, @02:25AM (#510354)

        Good catch. Best way to defeat this is having weekly copies made.

        Some zero knowledge backup companies out there offer version control and can give you a different copy for each day going back as much as you want to pay for. I would imagine something like this wouldn't stay hidden for more than 3 weeks.

        --
        Technically, lunchtime is at any moment. It's just a wave function.
  • (Score: 0) by Anonymous Coward on Monday May 15 2017, @01:56AM (3 children)

    by Anonymous Coward on Monday May 15 2017, @01:56AM (#509680)

    Block all incoming, every box is an island.

  • (Score: -1, Disagree) by Anonymous Coward on Monday May 15 2017, @01:58AM (4 children)

    by Anonymous Coward on Monday May 15 2017, @01:58AM (#509683)

    This is perfect proof of why low level programming languages needs to be illegal without a license and other oversight.

    • (Score: 0) by Anonymous Coward on Monday May 15 2017, @02:08AM

      by Anonymous Coward on Monday May 15 2017, @02:08AM (#509687)

      Only H1B coders will be licensed to do the needful. Open source will be outlawed. Debuggers will be illegal since they could be used for reverse engineering.

    • (Score: 2) by kaszz on Monday May 15 2017, @02:34AM (1 child)

      by kaszz (4211) on Monday May 15 2017, @02:34AM (#509708) Journal

      I have an even better suggestion: Don't let people with sales and marketing backgrounds make technical developer decisions. And have a QA worth its name. What you suggest is a nanny state. It won't work. Guns, drugs and murder is also forbidden (in some places). So the ones to be shoot, be addicted and die is law abiding citizens.

      • (Score: 1) by butthurt on Monday May 15 2017, @05:54AM

        by butthurt (6141) on Monday May 15 2017, @05:54AM (#509793) Journal

        "When foo {is|are} outlawed, only outlaws will have foo" is the usual idiom.

    • (Score: 0) by Anonymous Coward on Monday May 15 2017, @05:15AM

      by Anonymous Coward on Monday May 15 2017, @05:15AM (#509780)

      What pray tell is your high level hipster language written in backend-wise and by whom? Oh... Wait...

  • (Score: 1) by corey on Monday May 15 2017, @02:09AM (13 children)

    by corey (2202) on Monday May 15 2017, @02:09AM (#509690)

    I don't click links or open attachments blindly.

    I also run Linux at home.

    • (Score: -1, Troll) by Anonymous Coward on Monday May 15 2017, @02:12AM (12 children)

      by Anonymous Coward on Monday May 15 2017, @02:12AM (#509694)

      I also run Linux at home.

      "I run Linux!" Such a cliche. Keep beating that dead horse.

      • (Score: 3, Funny) by aristarchus on Monday May 15 2017, @02:22AM (11 children)

        by aristarchus (2645) on Monday May 15 2017, @02:22AM (#509702) Journal

        I run Linux, too. And you know, since this attack is taking advantage of vulnerabilities in Windows, I am not all that worried! Do you have a problem with that, Micro-softie AC? You know you are destroying the internets for all the rest of us, by even existing? Come to the free software side! It is your destiny, AC! And, we have Freedom (and the ability to block cookies, and updates, and malware, and ransomware, and web-ads, and extortion, and much, much more;(!) Horse alive, and kicking, bro!

        • (Score: 2) by kaszz on Monday May 15 2017, @02:42AM

          by kaszz (4211) on Monday May 15 2017, @02:42AM (#509710) Journal

          Ohh, you evil non-conformist for not being ass-raped by ransomware, virus, broken patches, worms etc just like the rest of us zombies! :-)

        • (Score: 0) by Anonymous Coward on Monday May 15 2017, @02:43AM (5 children)

          by Anonymous Coward on Monday May 15 2017, @02:43AM (#509711)

          Unclosed parentheses POST IS VULNERABLE.

        • (Score: 2) by HiThere on Monday May 15 2017, @03:38PM

          by HiThere (866) Subscriber Badge on Monday May 15 2017, @03:38PM (#510062) Journal

          *THIS* attack is focused on MSWind. Even so it doesn't attack most home systems. There have been attacks focused on Linux. There have certainly been attacks focused on Android. There have even been attacks focused on BSD...though they weren't usually very successful.

          The problem with attacks focused on MSWind is that there are lots of embedded systems that will never be updated. The Linux equivalent is routers using Linux that will never be updated, but the MSWind embedded systems tend to be things like airport display terminals, but also include hospital XRay machines, etc. Some of them cannot legally be either updated or patched.

          MS is certainly guilty of careless software maintenance with little care for security, but this isn't the only thing that enables attacks. Heartbeat attacks penetrated a large number of Linux systems, and that it wasn't explicitly a Linux system vulnerability was little enough consolation.

          --
          Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
        • (Score: 2) by edIII on Tuesday May 16 2017, @02:18AM (2 children)

          by edIII (791) on Tuesday May 16 2017, @02:18AM (#510353)

          You can interpret that differently. We really should stop beating that dead horse.

          Linux is not an instant cure. Most of the protection is just because the most popular attack surface is in M$ Land. You really think that will last?

          There have been some revelations lately that throw the whole peer reviewed code model out the window, and that was, that nobody was really reviewing the code. I still agree with the principles, but the actual performance of the code review that has happened thus far could be termed "piss poor". SystemD only makes this worse because we haven't actually established security or a good foundation, before laying out huge amounts of new work for review.

          We need good and open hardware without blobs and binaries first, and then we need to establish a base system for reference that specifically has passed peer review and a large amount of testing. Yeah, that ain't happening with SystemD's bloated ass laying on top of it.

          Otherwise, as Microsoft dies, watch Linux have all it's faults shown. Although, Linux will be able to react much better and faster to it. No telemetry in the updates means you can trust them, even after passing the appropriate hash and verification checks.

          --
          Technically, lunchtime is at any moment. It's just a wave function.
          • (Score: 3, Insightful) by aristarchus on Tuesday May 16 2017, @02:39AM (1 child)

            by aristarchus (2645) on Tuesday May 16 2017, @02:39AM (#510358) Journal

            Linux is not an instant cure. Most of the protection is just because the most popular attack surface is in M$ Land. You really think that will last?

            Yes? Now, why do I think that? Should I stay on my high horse? Unix is a networked operating system, by design, from the beginning. That means security. Not perfect security, no one is saying that, but much better than a toy operating system that had networking capability cobbled onto it with disastrous results.

              As for the "attack surface" argument, I want to point out that I have a charm in my pocket that wards off tiger attacks. Works like a charm! Why? Because it is one! What would happen if I were to go out, and forgot to bring my anti-tiger attack charm with me? Well, obviously I would be attacked by a tiger! Of course, there are no tigers where I live, or even anywhere even remotely nearby, but it is the charm that does the trick!

              Do I need to make the analogy transparent, without going automotive? Going out without my charm is the equivalent of Linux becoming the dominant operating system, being attacked by a tiger is equivalent to something like WannaCry doing as much damage as it has done by means of Windows. So once again, the horse is not dead, because there is no tiger! (Well, there is one in the zoo, but usually he does not escape, and if he does, you just throw a Windows user in the tiger's path before he gets to you. But again, low odds. Linux is structurally superior to Windows.)

            • (Score: 2) by edIII on Tuesday May 16 2017, @02:57AM

              by edIII (791) on Tuesday May 16 2017, @02:57AM (#510368)

              Linux is structurally superior to Windows

              The Death Star was structurally superior to a Star Destroyer, and even the Millenium Falcon (it really was a hunk of junk), but those pesky Bothans still found a fatal flaw :)

              Don't be too proud of that technological terror you've constructed aristarchus :)

              --
              Technically, lunchtime is at any moment. It's just a wave function.
  • (Score: 3, Informative) by Snotnose on Monday May 15 2017, @02:16AM (9 children)

    by Snotnose (1623) on Monday May 15 2017, @02:16AM (#509695)

    So, get the notice Windows wants to update, pick a time, any time. I hit snooze. When I'm done with the computer I hit "reboot", that does the update stuff.

    Except this time it doesn't.

    Couple days later, get the notice Windows wants to update. Kinda busy, hit snooze, when done I "reboot". Nothing. Go searching for update options, find nothing. I mean, I'm done with the computer for a good 12 hours, now would be a great time to update. Nope, can't get it to update.

    This morning get the notice Windows wants to update. Having just rebooted from the previous hoped for update I said, "sure, fine, knock yourself out". 2 1/2 hours later I get my login screen. During that 2.5 hours I can't play online games due to my laptop sucking up all my bandwidth and making games lag hell. I can't use my laptop. Did I mention I'd planned to go to sleep during the previous update window, hence would not care how long the upgrade took? Yeah, thought so.

    Get the login screen. A good 5 minutes to actually login.

    It's now 1-2 minutes from me logging in to actually being able to use my laptop. Thank you Microsoft for making my computing experience so much better.

    --
    It's just a fact of life that people with brains the size of grapes have mouths the size of watermelons. -- Aunty Acid
    • (Score: 2) by Nerdfest on Monday May 15 2017, @02:27AM (2 children)

      by Nerdfest (80) on Monday May 15 2017, @02:27AM (#509705)

      I see people at work suffering through that as well. It amazes me that that sort of performance is tolerated. The cost for business must be in the billions per year. Well , perhaps not that much as a good of the developers where I work that actually get work done run Linux.

      • (Score: 2) by LoRdTAW on Monday May 15 2017, @12:53PM (1 child)

        by LoRdTAW (3755) on Monday May 15 2017, @12:53PM (#509983) Journal

        https://xkcd.com/303/ [xkcd.com]
        Just change "Compiling" to "Updating".

        • (Score: 2) by kaszz on Monday May 15 2017, @10:16PM

          by kaszz (4211) on Monday May 15 2017, @10:16PM (#510255) Journal

          That XKCD should be made into a short movie. Dramatic Star Wars music and the chairs imagined as battle ships ;-)
          And the boss is the dark side calling..

    • (Score: 2) by Dunbal on Monday May 15 2017, @05:14AM (3 children)

      by Dunbal (3515) on Monday May 15 2017, @05:14AM (#509779)

      Windows update off.

      Pay attention to the world.

      Download the security patch you need when something like this happens. I downloaded MS17-010 a month ago. Windows update still off.

    • (Score: 2) by butthurt on Monday May 15 2017, @06:07AM (1 child)

      by butthurt (6141) on Monday May 15 2017, @06:07AM (#509797) Journal

      > Nope, can't get it to update.

      You're saying the same thing MichaelDavidCrawford did:

      https://soylentnews.org/comments.pl?noupdate=1&sid=19514&page=1&cid=509661#commentwrap [soylentnews.org]

      I asked him whether he'd tried WSUS Offline Update.

      http://www.wsusoffline.net/ [wsusoffline.net]

      • (Score: 0) by Anonymous Coward on Monday May 15 2017, @04:32PM

        by Anonymous Coward on Monday May 15 2017, @04:32PM (#510094)

        My Win10 machines wouldn't update. There is a setting in updates to allow it download the updates from other local machines. Unselected that, updates work again.

  • (Score: 3, Insightful) by kaszz on Monday May 15 2017, @02:52AM (4 children)

    by kaszz (4211) on Monday May 15 2017, @02:52AM (#509716) Journal

    Now Microsoft Chief Legal Officer wants a Digital Geneva Convention [microsoft.com] to protect (their) computer systems. No mention of their own idiotic engineering or rather total lack of it. In addition to their slimy juridical dealings using "audits" to blackmail corporations. The problem is partly spelled that the people in power of decisions have a background in sales and marketing.

    • (Score: 3, Insightful) by Dunbal on Monday May 15 2017, @05:16AM (3 children)

      by Dunbal (3515) on Monday May 15 2017, @05:16AM (#509781)

      Because the actual Geneva Convention is so darned effective at preventing stuff in real wars, let's make one for computers too. That way everyone can run around like dickheads accusing each other of violating the Geneva Convention without ever being able to prove it let alone enforce it. The world does not need more laws, rules and regulations. It needs smarter people.

      • (Score: 2) by c0lo on Monday May 15 2017, @12:36PM (2 children)

        by c0lo (156) Subscriber Badge on Monday May 15 2017, @12:36PM (#509975) Journal

        It needs smarter people.

        Some say the amount of intelligence in this world is constant. If they're right...

        --
        https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
        • (Score: 2) by tangomargarine on Monday May 15 2017, @03:45PM (1 child)

          by tangomargarine (667) on Monday May 15 2017, @03:45PM (#510065)

          ...the solution is to start killing people? Who has the list of nominations?

          --
          "Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
          • (Score: 2) by c0lo on Monday May 15 2017, @07:13PM

            by c0lo (156) Subscriber Badge on Monday May 15 2017, @07:13PM (#510186) Journal

            Who has the list of nominations?

            I don't know... how about starting with the upper echelons of Microsoft’s and NSA's management?
            Or politicians maybe?

            --
            https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
  • (Score: 4, Insightful) by boltronics on Monday May 15 2017, @03:24AM (2 children)

    by boltronics (580) on Monday May 15 2017, @03:24AM (#509736) Homepage Journal

    If you are a sysadmin, how concerned are you about what you will be facing at work on Monday?

    Noone in my workplace run Windows. Thanks for yet another reason to keep it that way. :)

    --
    It's GNU/Linux dammit!
    • (Score: 2) by nobu_the_bard on Monday May 15 2017, @04:54PM (1 child)

      by nobu_the_bard (6373) on Monday May 15 2017, @04:54PM (#510107)

      It's nice that you get to live in a reality where that's an option. Unfortunately many of us do not.

      • (Score: 2) by boltronics on Monday May 15 2017, @10:57PM

        by boltronics (580) on Monday May 15 2017, @10:57PM (#510279) Homepage Journal

        Not a reality in all work places maybe, but you do get to choose where you work. If you don't live anywhere near your ideal job, just move.

        If you can't move, that's usually because of previous choices you made in your life that didn't focus on your current goals. For example, an ideal workplace environment is sometimes just a lesser priority for people over other concerns, such as wage or location preference. Maybe you had kids instead of spending your spare time improving your skill set. Countless decisions over your life put you were you are now, and it's okay if you focused in other areas - but it's not fair to then say you don't have the option.

        I can't claim to understand your circumstances, but often I find it's not a matter not being a possibility in your life, but rather it's a matter of how badly you want it.

        --
        It's GNU/Linux dammit!
  • (Score: 2) by kaszz on Tuesday May 16 2017, @10:23AM

    by kaszz (4211) on Tuesday May 16 2017, @10:23AM (#510470) Journal

    Apperantly [reuters.com] anti-virus providers [reuters.com] Symantec and Kaspersky Lab now suggest the blame is on North Korea. Of course the answer could never be found in their own backyard ;-)

  • (Score: 2) by KritonK on Tuesday May 16 2017, @11:26AM

    by KritonK (465) on Tuesday May 16 2017, @11:26AM (#510487)

    What actions, if any, have you taken to protect your Windows machine(s) from this threat?

    I installed Linux on them.

(1)