Slash Boxes

SoylentNews is people

posted by cmn32480 on Friday May 19 2017, @11:56AM   Printer-friendly
from the maybe-there-is-hope dept.

Various news outlets report the release of
Wannakey, a decryption utility for files encrypted by the WannaCry ransomware. According to the author of the software, it "has only been tested and known to work under Windows XP."

From the Wired article noted below:

Now one French researcher says he's found at least a hint of a very limited remedy. The fix still seems too buggy, and far from the panacea WannaCry victims have hoped for. But if Adrien Guinet's claims hold up, his tool could unlock some infected computers running Windows XP, the aging, largely unsupported version of Microsoft's operating system, which analysts believe accounts for some portion of the WannaCry plague.

[...] Guinet says he's successfully used the decryption tool several times on test XP machines he's infected with WannaCry. But he cautions that, because those traces are stored in volatile memory, the trick fails if the malware or any other process happened to overwrite the lingering decryption key, or if the computer rebooted any time after infection.


Previous stories:
"Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated]

Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by kaszz on Friday May 19 2017, @01:20PM (2 children)

    by kaszz (4211) on Friday May 19 2017, @01:20PM (#512153) Journal

    Great as now it seems Windows XP will be safer with time while keeping the software base and having ReactOS [] accomplish better and better compatibility. 32-bit architecture is a sweet spot in terms of memory pointer size, accessible memory and processor efficiency.

    4 GB ought to be enough for anybody!

    As for sweet spot, a 24-bit system with 24-bits per memory position gives 48 MB system memory size. Maybe 8-bit as a unit for processing isn't optimal either. Maybe 6-bits is better?

    Bit size: System memory size:
    19 bits 1.19 MB
    20 bits 2.50 MB
    21 bits 5.25 MB
    22 bits 11 MB
    23 bits 23 MB
    24 bits 48 MB
    25 bits 100 MB
    26 bits 208 MB
    27 bits 432 MB
    28 bits 896 MB
    29 bits 1856 MB
    30 bits 3840 MB
    31 bits 7936 MB
    32 bits 16384 MB

    That 32-bit x86 systems seem to max out at 4 GByte perhaps indicate a unnecessary bottleneck in that 8-bits per memory address is used. If instead 32-bits is used more memory can be accessed with the same address limit.

    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by butthurt on Friday May 19 2017, @10:47PM (1 child)

    by butthurt (6141) on Friday May 19 2017, @10:47PM (#512422) Journal

    There existed a 64-bit version of Windows XP, but it saw little uptake.

    On x86, Physical Address Extension allows the use of more than 4 GB of memory.

    The 32-bit size of the virtual address is not changed, so regular application software continues to use instructions with 32-bit addresses and (in a flat memory model) is limited to 4 gigabytes of virtual address space.

    -- []

    • (Score: 2) by kaszz on Friday May 19 2017, @11:46PM

      by kaszz (4211) on Friday May 19 2017, @11:46PM (#512439) Journal

      PAE still leaves the CPU to handle up to 64 GB ie 36-bit addresses. Though it's all hidden to the scheduler side of things. Perhaps the kernel needs to deal with it too for program jumps etc? Data access seems to still be that each address in userland have 8-bits.

      So in PAE, the CPU has at least 36-bit virtual addressing. There may be less physical address lines than this. Each process in userland may however only use up to 32-bits.

      As for 64-bit Windows XP. The Microsoft ecosystem is very much a Win32 thing. And things will evolve around that unless a big bat is used. Which Microsoft did with their later 64-bit OS, ie to get 32-bit certification you got to present a workable driver for 64-bit and so on.