So Marcus Hutchins, of #WannaCry fame and who had been arrested in the US has pleaded guilty to writing banking #trojan software. Over on the birdsite there's lots of strong opinions. I blogged my opinion that it's a big world out there and trying to dismiss him as a criminal or pardon him because he's a hero are fundamentally misguided. https://blog.paco.to/2019/marcus-hutchins-infosec-soul-searching/
Oh great, the guy who basically saved the world from #wannacry is getting punished for it.
Let that be a lesson to you: If commercial or state infrastructure is under attack, just let it burn to the fucking ground – lest you get imprisoned for helping.
Brittish #NHS estimates the #Wannacry#ransomware attack had a cost of around 100 million euro. Did you know university researchers at the @unikonstanz@twitter.com developed an app that helps you recover data from a ransomware attack?
ANY "State Security" leaving security-holes in the population open to secure the State shows how not even the States' claimed function matters to them. They claim they must brutalize and invade us for the good of the general population, but stuff like #WannaCry shows they don't even intend to do that. They just protect the State as if it was a distict organism, populated by nothing except the wills of whoever happens to be in the ruling class at any arbitrary time.
So what then? Well, Statism will always lead to that point, so… draw your own conclusions: What should be abolished? The security of the general population or… the States, which are nothing but an abstract concept only existing by and via the existence and acceptance of the general population?
I know I'd choose people over… an imaginary nothing.
A reminder that this latest ransomware attack (#Petya) is made possible by #NSA-developed exploits #ETERNALBLUE and #ETERNALROMANCE (the former used in #WannaCry)---exploits that the government decided to hoard as 0days instead of notifying Microsoft to fix the issues. Instead of helping to protect the United States and its allies, it has made us far less safe. Petya and WannaCry are products of its negligence.
This issue goes back to the #VEP (the Vulnerabilities Equities Process)---the supposed process that is used by the government to determine whether to disclose to weaponize exploits. If WannaCry didn't spur enough discussion, let's hope this does.
If already locked out, power off FAST and only boot from external media (e.g. a LiveDVD) to recover your files before they're actually encrypted. https://soc.ialis.me/media/JCSF8fFmzSsgQMSLlFk
[pics from: @PTsecurity_UK@twitter.com and @GroupIB_GIB@twitter.com]