There is an ongoing cyber attack, specifically a ransomware attack, across Europe, the US, and Asia.
Cyber attack reported in 74 countries with UK, US, China, Russia, Spain, Italy and Taiwan among those affected https://t.co/an8tfofXww
— BBC Breaking News (@BBCBreaking) May 12, 2017
NEW: Companies being told to close certain ports and install a Windows patch released in March to stop a growing global ransomware campaign.
— Tom Winter (@Tom_Winter) May 12, 2017
A massive ransomware campaign appears to have infected a number of organisations around the world.
Computers in thousands of locations have apparently been locked by a program that demands $300 (£230) in Bitcoin.
There have been reports of infections in as many as 74 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan.
Many security researchers are linking the incidents together.
The UK’s National Health Service (NHS) was also hit by a ransomware outbreak on the same day and screenshots of the WannaCry program were shared by NHS staff.
One cyber-security researcher tweeted that he had detected many thousands of cases of the ransomware – known as WannaCry and variants of that name – around the world.
“This is huge,” said Jakub Kroustek at Avast.
Another, at cyber-security firm Kaspersky, said that the ransomware had been spotted cropping up in 74 countries and that the number was still growing.
Several experts monitoring the situation have linked the infections to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the US National Security Agency (NSA).
A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed.
Major Major Major Major
Yikes.
Are these the ones who are probably Russia or definitely Russia?
Run your goddamned security updates, people!
MaryL
*head-desk*
Gin & Tonic
@Major Major Major Major: Indeed. Patch your systems. As Taylor Swift says on Twitter:
Baud
Is Balloon Juice safe?
hovercraft
@Gin & Tonic:
When we are reduced to having to heed the words of sages like Taylor Swift, you know that the end is nigh.
Roger Moore
It’s days like this when I’m very glad:
1) I have decent off-line backups
2) My main personal computer doesn’t run Windows
Gin & Tonic
@Baud: Is it safe?
Certified Mutant Enemy
@Baud:
Is Balloon Juice hosted on an unpatched Windows server?
Baud
@hovercraft: I think this is the good Taylor Swift.
NotMax
A little bit more on the provenance.
Hackers use leaked NSA bug in massive global cyber attack
Thoroughly Pizzled
The Shadow Brokers? These hackers are 12 years old, aren’t they?
Baud
@Certified Mutant Enemy: No, I think it’s run by hamsters.
dmsilev
@Major Major Major Major: According to this, Russia is currently the most heavily impacted country, with Ukraine a distant second.
Make of that what you will.
clay
@hovercraft: I don’t think it’s THAT Taylor Swift. Or maybe you knew that.
Anyway, this:
makes me think of the recent Neal Stephenson novel Reamde. There were Russians involved in that one, as well.
Chris
@NotMax:
“Government creates something dangerous and it breaks loose and wreaks havoc on the population” movie comes to life…
NotMax
@Baud
All computer data is safe, with a few exceptions.
clay
@NotMax:
Is it too much to hope for that Wikileaks servers would be hit by this? ‘twould be enjoyably ironic.
Baud
@NotMax: Nice.
Adam L Silverman
@Major Major Major Major: One working theory is that they are a Russian front:
https://arstechnica.com/security/2017/01/nsa-leaking-shadow-brokers-lob-molotov-cocktail-before-exiting-world-stage/
https://www.theverge.com/2016/8/17/12519804/shadow-brokers-russia-nsa-hack-equation-group
kindness
I love my Apple computers at home. Go ahead and tell me I’m dumb to buy them.
Adam L Silverman
@Gin & Tonic:
Chris
@Adam L Silverman:
Holy mother of Jesus! If even Snowden thinks Russia’s to blame…
MJS
Get Barron on it. He’s good with the cyber.
Adam L Silverman
And this also happened:
Highway Rob
@Adam L Silverman: I decide to jump out of lurkerville and post this, but then I find out my window closed seven minutes ago. Can’t sleep on y’all at all, can I?
Gravenstone
@Adam L Silverman: Sure, why not? While the US puppet is self destructing in full public view, why not monkey wrench some of the locals to soften them up? Such a world we live in.
Mike J
At one point I used the digital, but I’ve gone back to goddamned steam.
Major Major Major Major
@Adam L Silverman: but is Balloon-Juice safe???!
HeleninEire
LOL £230 million in bitcoin. WTF?
Certified Mutant Enemy
@Mike J:
I browse the web with a steam powered Babbage engine.
?BillinGlendaleCA
@Roger Moore:
I wouldn’t bet my data on that.
NotMax
And here we thought it was just a bad movie. What with the so-called internet of things, maybe now prescient?
Major Major Major Major
@?BillinGlendaleCA: no, but it’s, yknow, relevant on a day where windows-exploiting ransomware is taking over the intertrons.
Elizabelle
I knew you’d have something on this. Not hearing any wailing in Spain.
Aleta
@Certified Mutant Enemy: ha
Roger Moore
@?BillinGlendaleCA:
I don’t; as I also said, I also have off-line backups.
Miss Bianca
@Mike J: LOL!
sharl
@Mike J:
+1
Elizabelle
@sharl: yeah that was primo snark
Ric Drywall
Still waiting for a decent answer. I have all of my important personal data – social security #, credit cards, passwords – posted in the BJ comment section of the most recent Open Thread. Need to know if it’s safe there.
raven
@Roger Moore: We had a situation once where one of our schools lost their course management system and the tape backup failed. We had a swat team of about 20 people go there and work with individual faculty members to rebuild their courses. Some had all their data backup and some didn’t.
?BillinGlendaleCA
@Major Major Major Major: In addition to the March security update, there was a major update to Windows in early April (Creators Update). OS publishers don’t put out updates to make users’ lives difficult.
raven
@Ric Drywall: How about an indecent answer? I have one for ya.
Major Major Major Major
@Mike J: @sharl: I had to reset my steam password the other day, pain in the ass!
Adam L Silverman
@Ric Drywall: Alain is making his way over to the comment threads to answer all your questions.
Kay
Adam, it’s so nice that you post here right now. You’re always so calm and…normal.
You should run for President. Don’t even run. Just quietly assume the duties :)
? Martin
@Adam L Silverman: I think it’s a strong theory. When the US threatened to retaliate against the DNC hack, it was this group that warned that they would take action if the US did that. I know there’s certain loyalties within the hacker community that cross national bounds, but that stood out regardless.
D58826
@dmsilev: karma is a b***h
rikyrah
Trump Won’t Win Fight With the Intelligence Community
by Martin Longman May 12, 2017 2:57 PM
A lot will be written about the following tweet, possibly for decades or even centuries. We won’t know the full implications for a while, yet, and it could be that it doesn’t amount to much in the bigger picture.
Still, we can for now set aside all the legal implications, like whether there really are recording devices and if they’re subject to subpoena or preservation requirements, or what it might mean to threaten the former FBI director, etc.
Just think about what the tweet says about the terms on which the President and Comey parted ways. There’s the way Comey was fired, while in Los Angeles talking to recruits. There’s the fact that Trump didn’t give him the courtesy of a call. There’s the fact that Trump followed up by calling Comey a grandstander and otherwise impugning his character and reputation. There’s the fact that Comey was fired shortly after making it clear that the investigation of Trump was ongoing and in need of more resources.
And, finally, there’s the fact that Trump claimed that Comey wasn’t investigating him at all and had even assured him of this on three separate occasions. This claim is now what Trump is trying to defend by suggesting he has tapes to prove it. Maybe he does have tapes, but more likely he does not. He probably is desperate to avoid having Comey testify that he is lying.
But Comey has no choice but to testify to that. To assume otherwise is to assume that Trump is telling the truth, and if that were the case it would be for the first time in this whole saga.
Trump thinks the so-called Deep State is out to get him but the Deep State tried to warn him that Michael Flynn was in the pay of the Russians and he didn’t care or listen. He’s made war on them over and over again, from dismissing their assessments of Russia’s role in the elections, to disrespecting their dead at CIA headquarters, to now threatening James Comey. Only a fool goes after the intelligence community like this, especially when they’re not at fault.
This is an epic miscalculation by the president, because he’s in the wrong and virtually no one has his back. The few people who are half-heartedly defending him today will be gone tomorrow, but the intelligence community isn’t going anywhere.
kindness
What happened to my post?
I can understand if it was removed in a fit of anger. I just said how happy I am with my Apple computers at home.
Alain the site fixer
@Baud: Yes it is safe. But I’ve seen some questionable ads thrown at me on other sites, normal mainstream sites. I always run security software on my desktop and laptops and use iOS for phone and tablet so no malware worries there really.
Always do the security updates, quickly. This is something that’s now being measured – once news of a patch being released by Microsoft, there’s a huge uptick in attempts to use that technique before everyone is patched.
In this case, hospitals and other organizations that use lots of custom and exotic tech don’t update their systems as things have to be tested, approved, planned, then rolled out and that takes time. And they are institutional and have lots of money.
So make sure all of your small business computers are updated and protected people – these days when a computer running Windows is your small business cash register and accounting machine, ransomware can be crippling to even you, and expensive to pay off.
Alain the site fixer
@Certified Mutant Enemy: no, on a patched Linux machine run by a very experienced web host that deals with DDOS and other nasty stuff routinely.
? Martin
@HeleninEire: These guys are likely to win on both sides – they’ll get whatever ransom comes their way and their existing investment in bitcoin is likely to spike with that kind of demand to buy Bitcoin hitting the market. Very Goldfinger of them.
Alain the site fixer
@dmsilev: it’s because they don’t update their pirated installs of Windows and so they’re wide open for a) NSA hackers and now that their code has been released to the wild, b) any bad guy who wants to hold some computers for ransom which is low-risk and en vogue.
D58826
MSNBC was going down the list of possible FBI directors. All conservative republicans. They may or may not like Trump but the GOP has shown that when the crunch comes it is party over country so I would have serious doubts as to the independence of these folks,
Alain the site fixer
@clay: it’s amazing – they now have clear, helpful instructions on what bitcoin is, how to securely buy some, and how to pay them off. Some even have – I shit you not – live tech support to walk you through the process of paying the ransom! What a world we live in….
Alain the site fixer
@Major Major Major Major: only if you know the safe word….mustard
NotMax
@Alain the site fixer
In Russia, windows see through you.
Major Major Major Major
@Alain the site fixer: it’s not green balloons?
Woodrowfan
Do you expect me to update?
Why no Mr. Bond, I expect you to die!
Alain the site fixer
@Elizabelle: I listen to BBC World Service many hours a day, and it’s hit England and Spain and Portugal and China and Germany and Russia. Again, a lot of those places are known to have lots of pirated and thus un-updated software. When I first heard about it, my first thought was North Korea or their agents spreading a little pain around to potential supporters of US, Japan, and South Korea. Not to mention, to raise a nice boatload of change to support some further nastiness.
SiubhanDuinne
@Baud:
Has Balloon Juice ever been safe?
? Martin
@Alain the site fixer:
This is a structural problem within the industry. The software dependencies for end-user systems are unnecessary now and should have been designed out of systems years ago. Moving those dependencies up into secure hosted systems allows for layered security and eliminates the dependency problem.
? Martin
@Woodrowfan: Someone needs to write a Bond film in the age of Donald Trump and DDOS attacks launched from hacked vibrators.
Woodrowfan
@Alain the site fixer: nice movie ref!! alas, it does not work with Lipwigzers..
Roger Moore
@raven:
I’ve lost hard drives at work. The most painful case involved a computer with RAID where our helpful IT department disabled the monitoring software so we weren’t notified when the first drive failed. I’m sure you can work the rest out for yourself.
Since the first time I lost a disk at work, I’ve become very careful about protecting my personal data. My current system involves two USB backup drives. I back up onto one of them, then bring it to work and keep it in a locked drawer in my office. The disk that was in my office comes home to receive the next backup. That way I’m protected against hardware failure, ransomware, and even a disaster that destroys my home. I have additional backups of some very important data, e.g. taxes. Naturally, all my backups are encrypted to reduce the danger if they’re lost or stolen.
Major Major Major Major
@? Martin: you really think they’re going to dump all their newfound lucre while the market is temporarily high? It would be kind of obvious, and bitcoin is… not actually particularly anonymous.
ETA: during conversion into currency.
NoraLenderbee
I work for a cyber security company. Some of our products have already detected and blocked WannaCry.
Brachiator
@Alain the site fixer:
Or maybe somebody is raising cash to buy their mom a really nice Mother’s Day present.
TenguPhule
@Alain the site fixer:
Would it not be simpler to track them down and exact revenge?
clay
@Alain the site fixer: So the blackmail came with a FAQ? That’s some gumption.
Say, would that “live tech support” allow a savvy net-detective a way to track down their location?
raven
@Roger Moore: You are the kind of guy we liked!
Alain the site fixer
@Alain the site fixer: and by questionable ads, I mean they triggered my security software, but not before I saw what I’m pretty sure was a ransomware screen coming on; I pushed in the power button until the pc turned off, then unplugged the internet cable, turned it back on and did a full av scan of all drives, home network pcs, etc. to make sure nothing spread before it took over my pc. This has happened twice and I won’t name the sites – most of us here read them daily – but it wasn’t the fault of the site, it was Google Ads serving up an infected version of an ad to 1/100,000 viewers of that ad (in other words, they don’t infect the entire ad run, just 1/x of the ads that are served are carrying a bad payload).
I don’t block all ads, but I run security software and keep it current, and, to be honest, I do more and more of my surfing on my iPad and have no worries at all. I think that for many things, a good iOS tablet is the best solution for most users for secure web surfing. I advise folks to do banking and other important stuff on their iPads over their PCs because they don’t get infected or trojaned or ransomed. And as long as you are using a WiFi connection you know and trust, you’re good-to-go.
Steeplejack
@? Martin:
“I don’t care—that orgasm was worth every Bitcoin!”
Major Major Major Major
@Brachiator: do we have any evidence that North Korea even owns a copy of the version of Windows this is targeting?
Alain the site fixer
@? Martin: so true.
Teddys Person
@Alain the site fixer: This was an episode of the Good Wife. There was a scene where one of the characters was on the phone with tech support.
Alain the site fixer
@NoraLenderbee: please drop me a line using the Quick Links form; I’ve got some offline questions for you that I’d prefer to ask in private, if that’s ok.
Corner Stone
@? Martin:
“Oh God! Oh God! Oh–”
Dunnah dun ah, dunnah nyah!
Doodle uh do to da nah doodle uh do to dooo nuh doodle, nyah uh!
Adam L Silverman
@Kay: You have no idea how whacked things are if I’m the voice of moderation.
Alain the site fixer
@TenguPhule: @clay: Yeah, so some of the gangs found that their targets had never heard of Bitcoin, etc., so they first developed and then refined instructions, and when they got to a big-enough scale, offered free on-demand step-by-step help. Truly an example of smart people being crooks, and refining their technique as they saw that their mechanism was too complicated for many potential victims. The problem with ransomware is that when the timer runs out, your files are permanently scrambled. There is no bad guy holding a secret code – once the time limit passes, that secret key is automatically reset to something random that is never told to anyone and your hard drive is effectively wiped; there’s nothing you can do but format and start from a recent backup.
Mary G
Dumb question: I let Microsoft do automatic updates and I have a subscription to Malwarebytes that occasionally tells me it blocked something or other. Is that enough? I have backup on a portable hard drive, plus cloud storage of nonsensitive files.
JanieM
@Roger Moore: I keep five backups in various stages of recentness, one in my safe deposit box. But I don’t have them encrypted. What would you suggest using to encrypt them?
Brachiator
@Alain the site fixer:
Can the same be said about Android tablets?
jeffreyw
@?BillinGlendaleCA:
They just look at it as a side benefit! It broke my Logitech mouse and keyboard software.
hovercraft
Via Steve Benen:
* Donald Trump told NBC News that if the election were today, he’d “win by a lot more than I did on November 8th.” A national Quinnipiac poll released this week showed the president with a 36% approval rating.
* This week, Dan Scavino, the White House director of social media, noted that it’d been six months since Trump’s election victory, and he marked the occasion by “tweeting a screen grab of the late-night phone call” when Hillary Clinton conceded the race. Scavino also said he intended to release video of the conversation.
He’s so fucking delusional and his “best” people are almost as classy as him.
NotMax
@raven
Friend here who runs a computer repair company ran into a bear of a problem only recently.
Big company’s computer system was infected. They studiously made a back-up as a matter of course. However, Murphy’s Law was particularly active as it turned out the back-up itself had glorked during the process and important parts of it necessary for the data to be recognized were unreadable.
Yes, he eventually sorted it out and solved the disaster but it took an extensive forensic job to do so.
Alain the site fixer
@Mary G: Windows 10? You’re reasonably ok. There are many who feel safe enough with that pair, but I prefer spending $25/year buying a digital subscription to security software from Amazon. I won’t recommend a brand, but you can buy a 1-year, for up to 5-machines, anti-virus/security software from Amazon and download it. I just remember to buy a new subscription from Amazon next year as the AV companies try to renew you at a much higher price!
Don’t forget folks – when shopping at Amazon, please use the link on this site to initiate your purchase. It gives the site some revenue and doesn’t affect your price or charitable donation.
Major Major Major Major
@jeffreyw: Well the OS people don’t give a shit about your drivers, Jeffrey. :P
clay
@hovercraft: Eventually, even his own supporters are going to stop caring about him beating Hillary, and they’re going to start wondering what he’s going to do for them.
NoraLenderbee
@Alain the site fixer: PM sent.
Gin & Tonic
@NotMax: That’s the root of the old saying “good backup is cheap; it’s lousy backup that’s expensive.”
NotMax
For those on the less tech savvy side of the spectrum (heck, for anyone, really) there’s Acronis, which is a quite reputable concern, to make a snapshot back-up.
Alain the site fixer
@Brachiator: nah. Android is much more open, and has so many different flavors and hardware and modifications that I can’t say that. I can say that there are certain Android tablets that are much better for security, but I don’t follow the Android market so I can’t say which ones. Truthfully, one of the core reasons I stayed with iOS (I had the original iPhone as my first Apple product) was the App Store. Not the concept, but the idea that they screen things to somewhat specific standards. I like the walled garden, it protects my fruit trees, as it were!
I was one who, pre-App Store, jailbroke my phone with each new update, and ran all kinds of apps that did cool things that people made. One even got around some Apple issue by running a webserver on the bloody phone to pass messages to something-or-other. It was crazy – and a hacker/bad guy’s wet dream. So I was and continue to be very impressed with what Apple does in the iOS security and standards department.
MattF
We know: 1) Do all your system updates as soon as possible. 2) Have cold backups of everything. I guess we’ll soon find out who hasn’t done it.
? Martin
@Brachiator: Unfortunately, no. Android is at least as porous if not more so than Windows.
iOS is so secure because of that feature that annoys many folks of every bit of executable code having to go through Apple’s store and review process, or be signed by a developer that you approve to deploy locally. You can’t sideload arbitrary apps, you can’t have alternative stores. That doesn’t mean it’s impossible to hack iOS, but it’s a shit-ton harder.
Google and Windows and MacOS are all ‘friendly’ by being more open, making it easier for your employer to deploy their custom software, and so on, but that’s where almost every exploit can find their way in. An equally good alternative however is a Chromebook. Everything in the browser similarly limits the potential to do harm. It really is a good option for schools where IT budgets are usually catastrophically bad.
GregMulka
@clay: While the people who execute these attacks should probably be roasted over a low flame, I’ve yet to see a crypto infection that wasn’t preventable by being slightly better than an idiot.
Most come in through infected links in email to random google docs, or allowing vb scripts to run from Word, or a PDF with a giant link that says CLICK HERE TO ENABLE SCRIPTS. This one could have been dealt with by installing a security patch that’s been out for two months.
Some massive IT infrastructures with a lot of legacy systems, like NHS, have some excuses for not installing the patches in a timely manner. Except for the part where it’s been available for two months. 1 in the testing environment and another before you roll out.
edited to add the word by.
Alain the site fixer
@NotMax: I’ve had to do a few forensic tasks over the years like that. Painful!
From time to time, I find someone who has old floppies, hard drives, tape drives, etc. and wants them put onto modern storage or formats, so I drag out my old 1990-era DOS PC. Which still works like a charm, let me tell you.
NotMax
@NotMax
Bad linky. Fix.
Acronis
Brachiator
@Major Major Major Major:
It’s funny. You’d think that a paranoid dictatorship like North Korea might be super-backwards. Running Windows 95, at best. But they go through a lot of back channels to get the equipment they need, a lot of it state of the art, so who knows. I was listening to a BBC podcast about how they got nuclear tech. The reporter mentioned in passing about how satellites show North Korean cities in the dark. This is not directly because of technological backwardness, but because they shovel all available resources to military development and to their elites. I hadn’t considered this before.
Anyway, a tangential response.
One thing in the reporting of this malware caught my eye.
A bit of a cyber payback, perhaps?
SatanicPanic
Get Barron Trump on the job
?BillinGlendaleCA
@jeffreyw:
I’ve had no problems with updates, I use both a Logitech mouse and keyboard.
mai naem mobile
Has greennotGreen checked in today? I was wondering how things were going. Too many threads to wade through from this morning to check.
Cheryl Rofer
Kaspersky Labs says that most of the attacks are in Russia.
Kaspersky Labs works closely with the government of Russia. So no guarantees as to the accuracy of this information.
Matt McIrvin
@hovercraft:
He could actually be right. Quinnipiac is usually a Democratic-leaning outlier; obviously there are no job approval ratings until someone has taken office, but his average personal approval numbers are around 44% now, better than they were on Nov. 8 (about 40%), probably just because he won the election and became President.
NotMax
@Alain the site fixer
Got a zip drive (and discs) in the abode. Sometimes my computer repair friends ask to borrow it.
? Martin
@Matt McIrvin: Yeah, but you think turnout would be the same? Not a chance.
Major Major Major Major
@Brachiator: Well, I’ve seen some of the “look how hip and modern we are!” propaganda shots out of Pyongyang, and they’re still using e.g. big ‘ol CRT monitors. Wouldn’t surprise me to find them on XP.
And, as we all know, you don’t need Windows 10 to build a nuclear bomb.
Aleta
@Ric Drywall: Oh all that stuff is fine. Just avoid Open Thread dating.
jeffreyw
@Major Major Major Major:
Hey! I run a class joint here! I have chauffeurs.
Alain the site fixer
@mai naem mobile: I haven’t heard a thing but I haven’t been glued. She’s on my mind but I fear the worst…or rather, the end. But I hope she’s demanding more ice and smiling and loving just a bit more.
Alain the site fixer
@Major Major Major Major: they have a custom Linux distro as I recall. Their hacker/intelligence folks use Windows, Macs, normal flavors of Linux, etc. But I’ve read that important things run on their own Linux – Red Star or something like that.
Frankensteinbeck
@Major Major Major Major:
That is actually the source of most of Windows’ instability, and why you have to reinstall occasionally. Drivers run most things, those drivers are made by third parties without standardization, can interact in unexpected ways, and are not cleanly removed when new drivers are installed. My father works on deep operating system stuff like this professionally. He tells stories like two developers having separately discovered a chunk of hidden, normally never used memory in Windows, so they put their drivers there. Install both those programs, and your copy of Windows dies, and your hard drive is with it.
NotMax
@Major Major Major Major
One thing they’re not backward on is computer tech and programming. Concerted effort instituted some years ago by the government to pour resources into that sector.
So far as the monitors go – and that may well have changed – CRTs require less outlay to import (by fair means or fowl) rare earth metals.
When it comes to the public sphere (although last report seen was from about 2014) 40% or more of the populace had smart phones of DPRK origin.
? Martin
@Frankensteinbeck: I know a guy whose job it is to write patch code to fix up all of the defects in existing popular games that arise from a new GPU driver. The success of graphics cards is such that they don’t want to rely on the game studios to patch their code, so the GPU vendors patch it right in the driver itself. It’s insane.
NotMax
@NotMax
Ack! Foul, not fowl.
gbbalto
@Alain the site fixer: @mai naem mobile – She was hanging in there, with humor, at last update:
FROM LAST NIGHT: greennotGreen
May 11, 2017 at 10:33 pm
(gnG’s sister speaking) gnG asked me to blog for her this evening. This is actually a big improvement over last night, when she was in a red fog of pain that was only relieved by a whole cocktail of drugs, which really knocked her out. This morning, the hospice nurse (competent, although wears perfume – not appropriate for nursing – and has a very whiny voice ) doubled the basal level of dilaudid going into my sister’s port, resulting in *much* better pain control. gnG was groggy, but otherwise quite herself. She continues to grope for words and speaks very slowly, but still compos mentis. We had a good discussion about the ethical issues surrounding a family dosing a hospice patient with morphine when the patient is in too much pain to decide for herself, and the emotional burden that places on the family. We also have been discussing the Trump-Comey affair, and the exciting developments with the grand juries in Virginia and New York. At one point, gnG threw up her hands and laughingly said, “This isn’t fair! I really don’t want to linger, but I want to see how this turns out!”
See why I feel I am so blessed to be able to spend this time with my sister?
ETA: h/t to Elizabelle
jeffreyw
@?BillinGlendaleCA:
I’m sure it is a case of conflicting drivers, maybe several that add their own bits to the problem. I get a “can’t decrypt xxx error” for mouse and keyboard modules when trying to install setpoint, and the newer Logitech Options drivers all load fine but I lose them on restart.
Elizabelle
A message from greennotGreen: just came in now on the morning thread:
JanieM
@JanieM: Repeating my own question, addressed to Roger Moore but really for any of you techies:
That is, backups.
Aleta
@gbbalto: @Elizabelle: thanks
Major Major Major Major
@NotMax:
Priorities!
Mingobat f/k/a Karen in GA
@clay:
Not sure about that. Beating Hillary is what they wanted from him.
It helps to view the GOP as a cult rather than as a political party. They’ll rationalize everything their leader does while he’s bleeding them dry.
? Martin
@Major Major Major Major: They don’t have to dump it all. Because bitcoin is non-inflationary (there’s a fixed amount that can possibly ever exist) simply locking up large amounts of it will keep the price high because the supply will be low. They can then bleed it off when it’s convenient.
Mike J
West Brom give a little flirt give themselves a little cuddle.
NotMax
@JanieM
Speaking strictly personally, not ignoring you but also am not more than a very casual techie, so outside my wheelhouse.
Major Major Major Major
@? Martin: Bitcoin is down $125 today so far, it’s not really a pump-and-keep kind of thing. Very very volatile. And the limit won’t be reached for a long time.
ETA: Bitcoin circulation curve: still a long way to go before hoarding becomes a sensible strategy.
Gelfling 545
@Major Major Major Major: Hah! That’s what everybody thought. A clever ruse!
Miss Bianca
@Elizabelle: aw, this is making me weepy at work…
It’s a beautiful day in the central mountains of CO, and despite all the craziness going on, I am going to take the reminder from gnG that every second I’ve got left on this earth is precious.
Enhanced Voting Techniques
So the word is Dumb Assed Donny hired a Russian Lawyer to represent him in this thing.
Truly, what the frak?
Alain the site fixer
@gbbalto: thank you, Tears leaking, but thank you!
Mingobat f/k/a Karen in GA
@Elizabelle: Thanks for this.
Alain the site fixer
@Elizabelle: Thanks!
TenguPhule
@Enhanced Voting Techniques:
Actually, a firm nominated and awarded for being the best, by Russia.
Whether the actual lawyers are Russians is yet to be determined.
Le Comte de Monte Cristo, fka Edmund Dantes
I have a brilliant idea for a movie.
? Martin
@JanieM: I don’t actually worry about encrypting my backups that much. And how you encrypt depends very much on how you are backing up. I have two backups of everything. The local backup in my house is made to an AES-256 encrypted virtual drive. It’s a standard and widely used strong encryption which means I can decrypt it using just about anything. Being a virtual drive means that the individual files aren’t encrypted, the entire volume is. There are pros and cons to that approach. Pro is that even the directory structure and metadata gets encrypted. Con is that it’s a single point of failure. If the volume corrupts, I’m pretty boned. My virtual drive is on a hardware mirror RAID so there’s always 2 copies on different physical hard drives. That protects pretty well against hardware failure. But if my house burns down, I lose everything, encrypted or not.
My 2nd backup is offline and I use Backblaze for that. Data is encrypted in transport as well as in storage on their end. It’s fast and cheap and if my house burns down that’ll still be accessible. If the country burns down, then it won’t be but I won’t care about my data in that case.
If I had to recommend to casual users, I’d just do Backblaze. It’s a great service and it’s a snap to set up, and it’s reliable. My local backup is really my primary, but I’m willing to dump a few hundred dollars of hardware in it and the knowhow to set it up. It’s not horrible but it is technical. It also requires more maintenance than Backblaze does. Periodically the backups will stop running, etc. The reason I like it as my primary is that it’s very easy for me to test by occasionally restoring a machine from the backup. That’s a bit harder to do with Backblaze. The other upside to Backblaze is that you can easily restore individual files. Accidentally delete something last week, just jump in there and grab it back. Very nice.
Alain the site fixer
@Major Major Major Major: so that means that $300 of btc gets you more btc than it would have yesterday, which is what you want now if you’re (via unwilling third-parties) buying lots of btc, it seems to me.
Roger Moore
@Alain the site fixer:
Assuming you have one.
Mingobat f/k/a Karen in GA
@TenguPhule: I don’t believe his lawyers themselves are Russian. But there are plenty of excellent law firms that don’t have offices in Russia at all — might have been smarter for him to hire one of them.
Funny how everything he does just reinforces the Trump-Russia collusion narrative, isn’t it?
Miss Bianca
@Le Comte de Monte Cristo, fka Edmund Dantes: why am I finding this funnier than I really think I ought to?
Major Major Major Major
@Alain the site fixer: I was responding to Martin, who said “their existing investment in bitcoin is likely to spike with that kind of demand to buy Bitcoin hitting the market”, pointing out that the opposite was happening.
At any rate, we’re talking about a market that sees (back of the envelope) $600 billion traded per day, so this isn’t really likely to do much of anything.
? Martin
Oh, the reason I don’t worry that much about encryption is that getting to your backups is not really much of a risk. If your backups are always attached to your system, then they’re at risk of getting encrypted in a ransomware attack, but if they were previously encrypted, you now have this other layer of encryption on top of that, and you still can’t get to your stuff. So you haven’t saved yourself by encrypting. But they can’t encrypt a service like Backblaze using this method, so if you did get hit by ransomware, just reformat your computer, and backup from Backblaze.
The most important thing for people to focus on is their passwords and personal info. Get a good password manager. I use 1Password. There are other good ones. Use the tools in the program to identify vulnerable and duplicate passwords and reset them to strong unique passwords. Find accounts you don’t use and delete them. Eliminate all of the other cheats you used to use to remember your passwords (notes, etc.) and use the password manager religiously. These also have elements that help with 2 factor authorization, so turn that on for all services that give you the option. That will solve 90% of the problems you are likely to run into.
After that, keep your systems patched constantly. Set up the automatic download and install option on everything you have. When a new version of the OS comes out, upgrade to it reasonably quickly. Don’t sit on an old OS for years.
Adam L Silverman
@Enhanced Voting Techniques: Actually the same law firm that has been handling Rosneft.
Roger Moore
@JanieM:
I use the Linux dmcrypt layer, but I don’t think that would help you much. I think newer versions of Windows include whole disk encryption as an option, but I don’t know how well it works for removable drives, e.g. if you can decrypt them from a different computer. If you’re most interested in protecting a few critical files, it might be better to encrypt the individual files and back them up to the cloud.
Alain the site fixer
? Martin: For the cloud backup, do you back up the entire drive like the OS too, so you can restore the computer, or just files?
I’ve been considering setting up full-system backup (a copy of important files also backed-up to the cloud separately) and having that uploaded, but still in the early stages of exploration. I sort of prefer the idea of more hassle and expense, but a simple download-and-you’re-off approach beats downloading then reinstalling everything, configuring the OS and software, hardware, license and registrations, etc.
Brachiator
@Alain the site fixer:
@? Martin:
I have an Android phone and Android tablet, which have been very solid (I never jailbreak or side load, and am very picky about the apps I use). I have an old iPad which I hope to update soon. My Chromebook has been rock solid with respect to security. I have to use Windows for work related stuff, and do everything I can to keep things up to date and secure.
I had a neighbor who got a used Windows based machine from a friend. He never, ever ran any security updates, and just did not want to learn anything about stuff like that. And so he soon had problems with pop-ups and God knows what else. I don’t totally blame him though. I appreciate some of Apple’s approach (and that behind the Chromebook). For some consumer level stuff, you really need to make security super easy or nearly invisible to the user.
Enhanced Voting Techniques
@TenguPhule: An inert rock would have the sense not to allow the word “Russian” to be near Trump after this week, yet….
rikyrah
White House doesn’t deny Trump recording conversations
05/12/17 04:37 PM
By Steve Benen
Donald Trump jolted the political world this morning, making a not-so-veiled threat towards former FBI Director James Comey via Twitter, saying Comey “better hope that there are no ‘tapes’ of our conversations before he starts leaking to the press!”
Among other things, this raised the specter of previously unknown recordings of Trump’s conversations with Comey – and any number of other discussions the president has held in the White House.
To no one’s surprise, the White House press corps was eager to hear more about the topic Trump raised.
No one should blame reporters for a lack of effort. Does Trump have recordings of Comey? “The president has nothing further to add on that,” Spicer said. Are there recording devices in the Oval Office? “The president has nothing further to add on that,” Spicer said. Are there recordings in the White House residence? “The president has nothing further to add on that,” Spicer said.
clay
@Le Comte de Monte Cristo, fka Edmund Dantes: That is not entirely dissimilar to the Neal Stephenson novel Reamde that I referenced above. In it, Russian gangsters get a thumb drive full of stolen credit card info, but that drive turns out to have ransom malware on it. (The ransom is for payment through a World of Warcraft-style MMRPG instead of Bitcoin.)
The Russians track down the hackers in mainland China. But little do they know that there are Islamic terrorists with one floor down…
The Moar You Know
There’s a little thing called “Automatic Updates” which has been around since XP, and if you don’t have it enabled on every single system in your network, you’re either grossly incompetent or criminally negligent.
That being said, they can only patch what they know about. A lot of this current outbreak was avoidable. The next ones will be less avoidable. Fully sandboxed operating systems must be implemented and soon.
There are people out there sitting on top of stuff that can bring the world as we know it to an end.
Alain the site fixer
@Brachiator: Based on some personal experiences traveling, I can tell you – NEVER use a public computer unless you can help it. This is one way that bad guys get a crumb to get into your life – your email address, password, name and address, lots of info that might show up onscreen or that you type in can get intercepted.
Hotel PCs in courtesy office centers are targets for bad guys and malware. So if you use one, and let’s face it – who doesn’t sometimes, right? – only use it if it’s creating a virtual machine. Even then, beware – a small camera above or behind you will capture screen and keyboard content, and there could be a physical keylogger in the keyboard.
What do I mean by a virtual machine? Well I think it’s a lot of what consumer-facing operating systems will become. When you sign in, a new Windows instance is spun up by the server. This isn’t just a new user, it’s a new instance of Windows created from a safe, read-only image. So you know that it’s safe from crap that other folks have installed. That’s a lot of what you get from the combination of a tablet that requires an App Store to install apps plus a walled-garden for that store plus a rigid policy on the operating system and extensions to it. So when I travel now, I always prefer to use my own phone or tablet, and, if I cannot be sure that the WiFi connection is secure, I either tunnel, or, with my phone, turn off WiFi and use the phone company. I know they’re secure, at least from crooks. Government, foreign or domestic, is another story. I worry about criminals.
clay
@rikyrah: Spicer’s response could mean that he has no idea… How can any WH employee know what to say at this point?
It’s worth noting that Trump has been alleged to bug his hotel rooms.
? Martin
@Alain the site fixer: Locally I back up everything. In Backblaze I omit the OS files, but back up my user files, apps, and settings. So I can’t do a metal restore from Backblaze – but I can do an install/restore user. By backing up everything to the local, I can do a fast/dirty restore to a machine just to ensure the backup is working. It’s really only to verify the backup is good.
As a Mac guy, Apple’s approach to restoring after a reinstall or to a new machine is really a snap, so it’s set up around that workflow. But I’m a huge, huge proponent of reducing friction. The harder it is to do, the less likely you are to do it, or to do it properly. So figure out what you want your restore workflow to look like (3rd party, etc.) and then dial it in to that workflow as perfectly as you can.
Roger Moore
@? Martin:
That’s the theory, but I have some questions about how it will work in practice. Bitcoin is only valuable as long as people think it’s valuable. That’s true of all fiat currency, of course, but most fiat currency has governments doing things like demanding people use it to pay their taxes, accept it when taking government contracts, etc. that guarantees that it will continue to have uses. If people collectively decide that Bitcoin is dodgy and decide to start using some other cryptocurrency instead, there’s nothing to prop it up.
? Martin
@Brachiator:
Yeah, there were some first principle decisions that Android got wrong, that I think are hurting the platform now. One of the worst is the inability to get updates for most Android devices, unless you buy a Google branded one (which I highly recommend for those wanting to go Android).
What you are seeing Microsoft doing with respect to Windows S is to copy as much of the benefits of iOS as they can reasonably do. It’s a good idea, and I would recommend everyone use S for their personal computer once it’s feasible, but I question whether their user and developer base will tolerate it. iOS can feel constraining, but it’s really, really hard to fuck up. I feel comfortable handing it to anyone and not worrying that they’ll screw up security on it. Chromebook is the same way (better in some respects). It’s almost impossible to screw up. That’s really where consumer computing needs to be – it needs to be bulletproof.
What we’re seeing today, though, is a failure of institutional computing. Different beast, different set of solutions.
? Martin
@Roger Moore: Yep. The US government can always demand that dollars be legal tender and that taxes and trade goods be paid in dollars. They can mandate demand for the currency. Bitcoin can’t do that. I don’t think a lot of people consider the importance of that particular regulatory benefit of government issued fiat currency.
Peale
@Roger Moore: IDK. What is going to prop it up are the demands of criminal hackers demanding regular tribute. If the barbarians demand shit so that they’ll go back to the steppes and leave the civilized world alone, shit has value.
Roger Moore
@Major Major Major Major:
That’s actually better for the criminals. If Bitcoin is down today and bounces back, all the Bitcoin they receive today will be worth more after the recovery.
TenguPhule
@Enhanced Voting Techniques: Inert minerals were rejected by Trump after they refused to swear loyalty oaths to him.
They cited bedrock integrity.
Central Planning
Everyone should be using a free account from OpenDNS to protect their home networks (I’m assuming everyone has some sort of device that does NAT/firewall).
If you can’t do that, at least change your DNS to point to the OpenDNS servers – 208.67.222.222 and 208.67.220.220 (Don’t worry, there are actually more than 2 servers that are spread all over the world).
The Lodger
@Mingobat f/k/a Karen in GA: I have an extremely vague memory of Morgan Lewis and Bockius from my reporting days in the Philly area pre-1983. I doubt they were doing any work for Russians back then.
schrodingers_cat
@Central Planning: Can you explain why and what is the advantage to do that? Thanks.
Brachiator
@Alain the site fixer:
Excellent advice. But again, in the real world (and this includes me, briefly several years ago), people have to use a public PC in a library to do a job search and send resumes. Some libraries try to police machines and help guard against problems, but hey.
I get so paranoid now that I once walked away from an ATM machine because this young woman seemed to be hovering nearby for no particular reason. May have been totally innocent, but she had her smartphone out doing … something.
And I am pretty sure that someone tried to hack my info while I was at a coffee shop across the street from a local community college.
Yep. Good tips. I avoid this as much as possible.
Yep. Good stuff. An easy on virtual machine would seamlessly help a lot of folks do safer computing.
Gin & Tonic
@schrodingers_cat: DNS is the protocol which translates a domain name, like balloon-juice.com, to a numeric value (an IP address) which is understood by your computer/tablet/router/whatever. Lots of orgs run DNS servers, including your ISP. For the most part, it is a relatively insecure protocol and your ISP does no filtering. OpenDNS does some filtering, and allows you to do more if you wish, but its advantage is that as they become aware of phishing/malware sites they will not resolve DNS for them, so if you are using their server for your DNS lookup you will not reach the sites they’ve determined are malicious. It’s just one more layer of security.
Uncle Cosmo
@Alain the site fixer: I had the opposite problem a few years back: I spent a night in a youth hostel in Munich, & in the morning I was going to buy a bus ticket for Prague. In order to let my friends in Prague know when I was coming in, I hopped onto a public terminal at the hostel & tried to sign into my Outlook e-mail account.
Outlook said something like, You’re signing on from somewhere you’ve never signed on from before, so we are blocking your access until you provide the following information–& in a brilliant Catch-10110, the information it demanded was stuff I couldn’t find without being signed into Outlook (e.g., “the last 5 addresses you sent e-mail to”). No way to contact Microsoft to resolve the problem. Screwed, stewed & tattooed.
So I took off incommunicado. When I reached Prague I had to hire a stranger’s mobile in order to call my friend (I had no access with my mobile phone because my Czech SIM card was at my friend’s apt in the Prague suburbs). I was incredibly lucky a couple of days later to somehow retrieve from between-the-ears memory those last 5 e-mail addresses & restored my e-mail service. It all worked out eventually & I suppose for security’s sake it was for the best but jeezy peezy did it leave a lousy taste in my mouth and an even greater loathing for Microsoft (something I never would have thought possible, that my already monstrous loathing for MS could actually grow larger). Grrrr…..
mai naem mobile
@Elizabelle: thanks
Central Planning
@Gin & Tonic: thanks for the assist!
If you sign up for a free account, you get more granularity and reporting, and you can use it to block sites/categories (can be helpful if you have kids).
Also, OpenDNS is just one piece of the security puzzle, so don’t think it will stop everything bad.
You can also read more about the malware here http://blog.talosintelligence.com/2017/05/wannacry.html?m=1
tybee
the 11th commandment: those who shall have made backups are truly blessed.