MESSAGE
| DATE | 2017-05-15 |
| FROM | Ruben Safir
|
| SUBJECT | Re: [Hangout of NYLXS] Death of Microsoft
|
From hangout-bounces-at-nylxs.com Mon May 15 09:22:18 2017
Return-Path:
X-Original-To: archive-at-nylxs.com
Delivered-To: archive-at-nylxs.com
Received: from www.mrbrklyn.com (www.mrbrklyn.com [96.57.23.82])
by mrbrklyn.com (Postfix) with ESMTP id E5E17161312;
Mon, 15 May 2017 09:22:17 -0400 (EDT)
X-Original-To: hangout-at-nylxs.com
Delivered-To: hangout-at-nylxs.com
Received: from [10.0.0.62] (flatbush.mrbrklyn.com [10.0.0.62])
by mrbrklyn.com (Postfix) with ESMTP id B2899160E77
for ; Mon, 15 May 2017 09:22:15 -0400 (EDT)
To: hangout-at-nylxs.com
References: <789b4251-58a6-9599-90f0-cd4edc07980f-at-mrbrklyn.com>
<1608175.rRMWUxKrTF-at-glsector2814>
<929b7dfd-5ca4-5339-0a45-ea2e179f64f1-at-mrbrklyn.com>
<4263099.QAU8IHmhjn-at-glsector2814>
From: Ruben Safir
Message-ID: <9e6cdd13-dd76-ff67-da53-3aed7908f5f9-at-mrbrklyn.com>
Date: Mon, 15 May 2017 09:22:15 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
Thunderbird/52.0
MIME-Version: 1.0
In-Reply-To: <4263099.QAU8IHmhjn-at-glsector2814>
Content-Language: en-US
Subject: Re: [Hangout of NYLXS] Death of Microsoft
X-BeenThere: hangout-at-nylxs.com
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: NYLXS Tech Talk and Politics
List-Unsubscribe: ,
List-Post:
List-Help:
List-Subscribe: ,
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
Errors-To: hangout-bounces-at-nylxs.com
Sender: "Hangout"
On 05/15/2017 09:15 AM, FarSight Data Systems wrote:
> On Monday, May 15, 2017 09:07:28 AM Ruben Safir wrote:
>> On 05/15/2017 08:57 AM, FarSight Data Systems wrote:
>>> Much as I might like to see it, too many systems around the wold are us=
ing
>>> it, and sheer inertia will keep people and companies using it.
>>>
>>> A sad commentary. I expect there'll be a rush to fix the problem.
>>>
>>> Until the next one
>>>
>>> and the next
>>>
>>> and the next ...
>>
>> This one seems like the one to break the camels back. Look at the MS
>> reaction. They are blaming the Feds.
> =
> Why would it be the Feds fault? They didn't create the software. Classi=
c deflection. I =
> wonder if they think the companies will drink that kool aid. I expect a =
lot of people will, but =
> the companies? I don't think so.
> =
http://www.pcworld.com/article/3196523/security/microsoft-blames-us-stockpi=
led-vulnerability-for-ransomware-attack.html
Microsoft blames U.S. stockpiled vulnerability after WannaCry ransomware
attack
The stockpiling of vulnerabilities by governments is a big problem, the
company said.
By John Ribeiro
Bangalore Correspondent, IDG News Service | May 15, 2017 5:20 AM PT
nsa aerial
Credit: NSA
More like this
img 20170512 095943
A ransomware attack is spreading worldwide, using alleged NSA exploit
img 20170512 095943
Old Windows PCs can stop WannaCry ransomware with new Microsoft patch
cia
Did the CIA hack you? Wikileaks leak may allow antivirus vendors to tell
Video
Why You Lost Your Windows 10 Product Key
Microsoft on Sunday said a software vulnerability stolen from the U.S.
National Security Agency has affected customers around the world, and
described the spread of the WannaCry/WannaCrypt ransomware on Friday in
many countries as yet another example of the problems caused by the
stockpiling of vulnerabilities by governments.
Referring to the attack as a =93wake-up call,=94 Microsoft=92s President and
Chief Legal Officer, Brad Smith wrote in a blog post that governments
have =93to consider the damage to civilians that comes from hoarding these
vulnerabilities and the use of these exploits.=94
The ransomware, also called WannaCry or Wana Decryptor, works by
exploiting a vulnerability in some older versions of Windows. It has
been suspected for some time now that the malware came from a cache of
hacking tools reportedly stolen by hacking group Shadow Brokers from the
NSA and leaked on the internet. WannaCry is said to take advantage of a
NSA hacking tool, called EternalBlue, that can make it easy to hijack
unpatched older Windows machines.
[ Further reading: How the new age of antivirus software will protect
your PC ]
Microsoft is now confirming that the WannaCrypt exploits used in the
attack on Friday were drawn from the trove of exploits stolen from the
NSA. =93Until this weekend=92s attack, Microsoft declined to officially
confirm this, as US Gov refused to confirm or deny this was their
exploit,=94 wrote NSA whistleblower Edward Snowden in a tweet.
On March 14, the company had released a security update to patch the
vulnerability. =93While this protected newer Windows systems and computers
that had enabled Windows Update to apply this latest update, many
computers remained unpatched globally,=94 Smith wrote. =93As a result,
hospitals, businesses, governments, and computers at homes were affected.=
=94
On Friday a number of agencies and businesses around the globe,
including the U.K.=92s National Health Service, were disrupted by the
malware, which is estimated to have hit over 100,000 organizations in
150 countries, Rob Wainwright, executive director of Europol, the
European law enforcement agency, told ITV.
Microsoft rolled out over the weekend a patch for Windows XP, Windows
Server 2003 and Windows 8, which are operating systems for which it no
longer provides mainstream support.
There are apprehensions that a second wave of the attack may arrive
Monday as employees return and switch on affected computers. The
attackers could also hit back with a variant of the malware that does
not have a provision for the =93kill switch=94 found by a researcher to stem
the first round of attacks. =93Version 1 of WannaCrypt was stoppable but
version 2.0 will likely remove the flaw. You=92re only safe if you patch
ASAP,=94 wrote the researcher on Twitter.
Microsoft called in February for a =93Digital Geneva Convention=94 laying
down the rules for the protection of users from state cyber attacks,
including a requirement for governments to report vulnerabilities to
vendors, rather than stockpile, sell, or exploit them. =93We have seen
vulnerabilities stored by the CIA show up on WikiLeaks, and now this
vulnerability stolen from the NSA has affected customers around the
world,=94 Smith wrote.
Exploits in the hands of governments have repeatedly leaked into the
public domain and caused widespread damage, wrote Smith, who compared
the leaks of CIA and NSA vulnerabilities to the U.S. military having
some of its Tomahawk missiles stolen. =93This most recent attack
represents a completely unintended but disconcerting link between the
two most serious forms of cybersecurity threats in the world today =96
nation-state action and organized criminal action,=94 he added.
> Mark
> =
>>
>>> Mark
>>>
>>> On Monday, May 15, 2017 02:42:15 AM ruben wrote:
>>>> So, this looks like it is it. MS has created the catastrophy we all
>>>> feared and predicted they would and looks like this might well be the
>>>> end of them
>>>> _______________________________________________
>>>> Hangout mailing list
>>>> Hangout-at-nylxs.com
>>>> http://www.nylxs.com/mailman/listinfo/hangout
>>>
>>> _______________________________________________
>>> Hangout mailing list
>>> Hangout-at-nylxs.com
>>> http://www.nylxs.com/mailman/listinfo/hangout
> =
> =
> =
> _______________________________________________
> Hangout mailing list
> Hangout-at-nylxs.com
> http://www.nylxs.com/mailman/listinfo/hangout
> =
-- =
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
_______________________________________________
Hangout mailing list
Hangout-at-nylxs.com
http://www.nylxs.com/mailman/listinfo/hangout
|
|
