Backup questions in the same channel can be almost as good as two factor using a second channel (e.g. cell phone), especially if the site you are accessing pretends the correct password you first enter is bad and if there are several backup questions the site can randomly pick. Moreover, the site can even pretend a bad password is good while providing garbage information. Normal users just have to be informed they might have to log in again if they get garbage. The underlying idea of both tactics above is to make a hacked entry hard to repeat and to make hacked information untrustworthy.
9 posts • joined 14 Feb 2015
Anonymous Coward, I assume you are replying to my initial post.
Yes, I do know that payloads can and are able to infect more than one operating system. However, the presence of a payload does not mean it is operational. Note that my initial post also said that you could actually use another version of your work system that was guaranteed not to be infected by just mounting a data drive on the guaranteed uninfected system.
At some point a file read has to fail or no one would pay a ransom. Why not use that requirement to detect ransomware encrypted files? All you need is a disk read that is completely independent of your working system. As I said earlier, you could even have the code running under an infected operating system; it just cannot use any of the usual, possibly infected, disk read/write mechanisms. Indeed, any computer that had its own, unique disk read/write method would make it difficult for ransomware to encrypt files in the first place, although it could be done by encrypting/de-encrypting at the application level.
There is a simple way to detect ransom/crypto ware that would be hard to defeat. Just have your data drives read by another operating system that is independent of the one you usually use. Your "foreign" system should fail to successfully read ransomware encrypted files, telling you that your working operating system has been infected. This can be as easy as having Linux read Windows files or vice versa. The anti-malware/anti-virus people could also implement something that effectively does the same, although it would be a bit more difficult to do that within your usual operating system. Simply having a guaranteed uncontaminated machine running your usual operating system reading the working system's data disks might possibly do. The bad guys would have a problem trying to hide from a file reading process that is independent of the system they have contaminated.
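A sketch of the independent-read check described in the two posts above, added here as an example and not part of the original posts: run from a known-clean system against the data drive mounted read-only, it flags files that no longer read as the type their extension claims. The signature table, the entropy threshold and the sample file names are assumptions of this example.

```python
import math
import tempfile
from collections import Counter
from pathlib import Path

# Illustrative signature subset and threshold: assumptions of this example.
MAGIC = {".pdf": b"%PDF-", ".png": b"\x89PNG\r\n\x1a\n", ".zip": b"PK\x03\x04"}
TEXT_TYPES = {".txt", ".csv", ".log"}
ENTROPY_LIMIT = 7.0  # bits/byte; plain text normally sits well below this

def entropy(data):
    """Shannon entropy in bits per byte (0.0 for empty data)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def check_file(path, sample=65536):
    """Return why a file fails to read as its claimed type, or None if it looks fine."""
    ext = Path(path).suffix.lower()
    try:
        with open(path, "rb") as fh:
            head = fh.read(sample)
    except OSError as exc:
        return f"unreadable: {exc}"
    if ext in MAGIC and not head.startswith(MAGIC[ext]):
        return f"header does not match {ext}"
    if ext in TEXT_TYPES and entropy(head) > ENTROPY_LIMIT:
        return f"text file with entropy {entropy(head):.2f} bits/byte"
    return None

def scan(root):
    """Walk the mounted data drive; map relative path -> reason for each suspect file."""
    findings = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and (reason := check_file(path)):
            findings[str(path.relative_to(root))] = reason
    return findings

def build_sample_tree(root):
    """Constructed sample data: two healthy files, two overwritten with uniform bytes."""
    noise = bytes((i * 37 + 11) % 256 for i in range(4096))  # stands in for ciphertext
    samples = {"report.pdf": b"%PDF-1.4\n" + b"sample text\n" * 50, "invoice.pdf": noise,
               "notes.txt": b"meeting at ten, bring the backup tapes\n" * 40, "todo.txt": noise}
    for name, data in samples.items():
        Path(root, name).write_bytes(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:  # stands in for the read-only mount
        build_sample_tree(tmp)
        print("\n".join(f"{k} -> {v}" for k, v in scan(tmp).items()))
```

The entropy test is applied only to text-like types because compressed formats such as PNG and ZIP are high-entropy even when healthy; for those the header check carries the signal.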
If you try and edit an existing article in Wikipedia, you may find those who created and maintained editing of the page have a stranglehold. Your own edits may be rapidly reversed if they deviate from the theme and thrust of the article irrespective of how valid they may be. Although you can win with enough evidence and persistence, winning can be a painful experience.
There is another tack. Start your own article on the subject with the theme and thrust you prefer. Then, you will have the advantage of the home team. Hopefully, your theme and thrust includes giving readers accurate, concise, and well documented evidence about the subject.
Re: Er, but...
The Axe, not much is wrong with charging ISP customers for different levels of service. Indeed, ISPs have been doing that from the beginning, including under Net Neutrality. What they are not allowed to do is to give an advantage or disadvantage to data packets coming to their network from outside their customer base. Under Net Neutrality, Internet traffic should be handled the same no matter whether it originated from the East or West Coast, even if one of those places is in the UK and the other in the US.
The first thing I did after reading Orlowski's rather twisted article was to check to see if he was a shill for cable networks; he is not. It seems he is a longtime Register columnist who has a history of trying to be an iconoclast. This is not the first time he has written something "outrageous."
Orlowski's arguments about packets and ISP intents are cuckoo. One does not have to know much about network management and packet traffic to know whether an ISP is violating net neutrality. One just needs to find contracts/offers that promise special treatment after paying special prices, especially if the contracting company chews bandwidth when delivering product to an ISP's retail customers. Hulu and Netflix are examples of such companies. One could also check whether an ISP actually delivered special treatment to some companies. However, ISPs do not have to actually deliver special treatment in order to violate net neutrality. They just have to make and to collect on the offer of special treatment.
Agree but ...
I have to agree with what moiety posted:
"Problem is, everyone's doing it and to stop doing it would put you at a significant disadvantage, so it's not going to happen."
However, I disagree with moiety that "it's vitally important for it to remain illegal." Instead, what should be illegal is the use of the gathered information for anything but national security purposes. That way, the information can be gathered while private citizens can keep their private activities as secret as if the information had never been tapped, even if the private citizens were communicating moral failures, such as adultery, and even criminal behavior. Lawyers, medical doctors, psychologists, and other professionals already operate under similar rules aimed at protecting confidential client information. Spooks could operate under similar rules.