If they catch the WannaCry culprits

  • Thread starter: phyzguy
AI Thread Summary
The discussion revolves around the implications of the WannaCry ransomware attack and the potential consequences for its perpetrators. It highlights concerns about the vulnerabilities of pirated software, particularly in countries like China and Russia, and raises questions about the responsibility of software vendors to support these users. The conversation also touches on the government's handling of zero-day exploits, emphasizing the tension between offensive cyber capabilities and the security of critical infrastructure. Participants express frustration over the lack of transparency regarding known vulnerabilities and the potential risks posed by cyber warfare. The thread concludes with a debate on the ethics of hoarding zero-day exploits and the possibility of regulating their sale to enhance security.
phyzguy
Are any of you familiar with Asimov's short story "A Perfect Fit"? I was thinking that if they catch the perpetrators of the WannaCry ransomware attack, Asimov already saw this coming and has their punishment all ready.
 
I'm guessing the heat is on and they will find these guys.
 
It is also most interesting that those most affected are those who run pirated copies of Windows in China and Russia. According to the news, those who have been getting regular updates are immune. Will there be pressure now for software vendors to support pirate copies? Suppose refusing to do so causes deaths? Suppose pirated SW could accidentally launch nuke missiles in NK? It makes a real dilemma.

Zero day exploits are not limited to Microsoft. Unix, hard drives, routers, NIC cards, and motherboards all have zero day exploits.

The government has a committee that is said to evaluate these zero day exploits to decide whether to conceal/exploit them or to reveal them to the SW vendor for patching. They are said to weigh the offensive value versus defensive risks. How in the world can one make a factual assessment of the max damage an exploit could cause? The mere idea of making such an assessment is preposterous.

I worked many years in SW relating to the security of the power grid and nuclear power. We don't use Microsoft and our critical stuff is air gapped, but we are forced to use the same merchant software and hardware as anybody else in the world. It infuriates me that we might have vulnerabilities in our systems that our government knows about but refuses to reveal so that we could fix them. It infuriates me even more when that same government comes with a pitch for public-private partnerships to improve security. The offensive cyber capabilities of our own government are a major source of risk to the defensive vulnerabilities of our civilian critical infrastructure.
 
The exploitation of zero days is the outcome of countries jockeying for position in the world causing one country to not trust any other. Many countries have cyber war operations and all are seeking the best exploits.

It's so sad that we are balkanizing the openness of the internet in so many ways for so many reasons.

My guess is that eventually we will have a total lockdown on computer updates unless AI technology can somehow identify malware and eliminate it from being downloaded and installed.
 
jedishrfu said:
My guess is that eventually we will have a total lockdown on computer updates unless AI technology can somehow identify malware and eliminate it from being downloaded and installed.

For consumer use, that wouldn't be so bad. A laptop with all software in ROM, non-alterable, non-updatable. Discard it when it becomes obsolete. Devices like the Chromebook are halfway there.

If you study The New Hacker's Dictionary, you'll see that we have been going back and forth on that concept for more than 60 years (I forget the term, it was "the cycle of ..." something). Push intelligence out to the perimeter (smart devices) or centralize the smarts and make the devices dumb. In the future, I predict that we will flip-flop and change our ideas on that issue again and again.
 
Yeah, I've seen that trend of back and forth. We started with terminals. They got smarter when PCs came out, then went back to terminals for X-windows and then back to PCs, and now we see a resurgence of Remote Desktop usage and the air gap.
 
jedishrfu said:
The exploitation of zero days is the outcome of countries jockeying for position in the world causing one country to not trust any other. Many countries have cyber war operations and all are seeking the best exploits.

It's so sad that we are balkanizing the openness of the internet in so many ways for so many reasons.
Agreed. When you consider a zero-day exploit as a weapon, it's no wonder why countries invest heavily to stockpile them, though unlike conventional weapons, zero-days are only effective until exposed and patched.
 
stoomart said:
Agreed. When you consider a zero-day exploit as a weapon, it's no wonder why countries invest heavily to stockpile them, though unlike conventional weapons, zero-days are only effective until exposed and patched.

People have already shown methods to automatically reverse engineer exploits FROM patches. This creates an interesting problem about how to distribute patches.
 
  • #10
It's not too bad of a problem if autoupdate is implemented. Machines would get the patch installed sooner rather than later, making reverse engineering less feasible.

Of course that brings up the worry of the updating protocol getting hacked.
 
  • #11
jedishrfu said:
The exploitation of zero days is the outcome of countries jockeying for position in the world causing one country to not trust any other. Many countries have cyber war operations and all are seeking the best exploits.

It's so sad that we are balkanizing the openness of the internet in so many ways for so many reasons.

My guess is that eventually we will have a total lockdown on computer updates unless AI technology can somehow identify malware and eliminate it from being downloaded and installed.
I was right there with you and then you completely lost me haha. Why not just mandate rolling updates for any computer connected to the internet and make it illegal for government institutions to sit on zero-day exploits?
 
  • #12
Jamison Lahman said:
make it illegal for government institutions to sit on zero-day exploits?
I would love to go further and say make it illegal for anyone to sit on zero days.
 
  • #13
Routaran said:
I would love to go further and say make it illegal for anyone to sit on zero days.
Interesting. I had never thought of that. It is certainly a possibility if you consider them a weapon of sorts. However, I think people should be allowed to sit on zero days for two reasons: one, the more rights the better imo, and two, programmers would no longer have an incentive to find exploits. Some people make a living finding security flaws in code and they should be able to haggle with the companies to reach an appropriate price so they can patch the exploit.
 
  • #14
Perhaps an open auction for exploits would work where anyone could bid for them.
 
  • #15
jedishrfu said:
Perhaps an open auction for exploits would work where anyone could bid for them.
WHAT!? And get jailed as an "accessory" for selling to the wrong bidder?
 
  • #16
The bidder would get arrested too, right? Problem solved.

The idea is to take it out of the Dark Web, where this already happens, and it allows companies to bid on it to keep it from prying eyes. The seller discovered it and waits until the best respectable bidder comes along, but it's out in the open where bad guys might fear to tread.

Folks could buy it up and then resell it, giving the company an incentive to buy it for good or to change things so that it's ineffective.
 
  • #17
I believe it was tracked to North Korea, although I wouldn't be surprised if they hadn't a clue and just blamed them because everyone would believe it.
 
  • #18
The dark web is strange. Professional hackers can sell their exploits to anyone and never know who buys them.

State actors like North Korea could easily have found stuff there.
 
  • #19
I don't see how a state actor such as NK has anything to gain from ransomware attacks.
It's just normal robbery as far as I can see, and although my own PC defense dealt with it, an attempted hack appeared to originate from Poland.
 
  • #20
The advantage to NK is added money to their coffers. The international community has shut down a lot of their revenue streams. The money is needed to keep the gifting economy going. This is the way the leaders of NK have maintained their grip on power all these years.

 