OT Ransomware for everybody and, yes, Mac users, that includes you.

On 2017-03-10 18:17, Tony Cooper wrote:
On Fri, 10 Mar 2017 12:42:30 -0800, Savageduck
wrote:

On 2017-03-10 20:08:20 +0000, Eric Stevens said:

http://semiengineering.com/the-evolv...omware-threat/

https://www.trendmicro.com/vinfo/us/...eports/roundup

The

solution is simple; DON'T USE TORRENTS!

I was lucky. Almost. Some guy from Microsoft called me to tell me
something was wrong with my computer and he'd fix it if I would allow
him access through TeamViewer.

Unfortunately, he had a strong Indian accent and I couldn't follow the
instructions and he finally gave up.

He must have fixed it anyway, though, because I haven't had any
problems since then.

I got the same guy. Greatest tech ever. Really! His Windows specific
instructions seemed to have fixed my Mac. I was very grateful.

--
"If war is God's way of teaching Americans geography, then
recession is His way of teaching everyone a little economics."
..Raj Patel, The Value of Nothing.

Per Alan Browne:
having one's data backed up in multiple copies, kept in
multiple locations and preferably by at least 2 methods is the insurance
one needs. Too few practice it.

And the "Air Gap" implicit in above comes up the more I read about this
stuff.
--
Pete Cresswell

Per Tony Cooper:
and he'd fix it if I would allow
him access through TeamViewer.

One of the Brit ISPs has had enough instances of that that they are
blocking the use of TeamViewer until they and the TeamViewer publishers
come up with something better.
--
Pete Cresswell

On Sat, 11 Mar 2017 12:47:49 -0500, nospam
wrote:

In article , David B.
wrote:


complete non-issue for those with a good backup strategy, regardless of
platform.

I seem to recall reading that simply using Time Machine, which is
physically connected to my iMac, will be inadequate protection against a
ransomware attack.

Is that right?

no it's not, but if you want to be safer, put it on the network.

As you know, I'm not a Mac user and I know almost nothing about how
time machine works. But can you tell me how in its normal installation
Time Machine is protected from and protects from Denial of Service
attacks?
--

Regards,

Eric Stevens

On Sat, 11 Mar 2017 12:47:48 -0500, nospam
wrote:

In article , Tony Cooper
wrote:

people get freaked out about ransomware for some reason, even
though a hard drive failure is more likely to occur or a user
****-up, such as deleting the wrong document by mistake.

the proper solution is have up to date backups, which will cover
*any* disaster

if ransomware does hit, there's also a bit of a thrill in telling
the scumbags to **** off and that you won't be paying *anything*.

Why on earth would you contact the scumbags to tell them anything?

The entire idea of ransomware is that they contact you and ask for money to
unlock your data.

I've never been a victim, but wouldn't they have to contact you by a
message on the screen?

yes.

Why would anyone respond to that message? Why
engage them?

because they don't have a backup and have no choice.

those that do have backups don't need to pay anything, so they can tell
the scumbags to **** off, your little scam failed.

Would not your backup be at risk if it consists of a permanently
connected external drive?
--

Regards,

Eric Stevens

In article , Eric Stevens
wrote:


complete non-issue for those with a good backup strategy, regardless of
platform.

I seem to recall reading that simply using Time Machine, which is
physically connected to my iMac, will be inadequate protection against a
ransomware attack.

Is that right?

no it's not, but if you want to be safer, put it on the network.

As you know, I'm not a Mac user and I know almost nothing about how
time machine works.

then why did you start a thread about mac ransomware?

But can you tell me how in its normal installation
Time Machine is protected from and protects from Denial of Service
attacks?

dos attacks aren't the issue.

time machine can use a directly attached drive or a network drive.

for the former, the drive can be unmounted when not needed even if it
remains physically connected. for the latter, it's only mounted when a
backup is taking place.

in the unlikely event malware hits, the malware would need to know
there is an unmounted time machine drive, find it, mount it and then
attack it.

while it's theoretically possible for that to happen, the chances are
for all intents, zero. it's also possible a meteor will hit your house,
and the chances for that too is for all intents, zero.

malware authors are not going to bother with edge cases such as that
when what they're doing already has billions of potential targets, most
of whom do not have any backup at all. it's far too much work for very
little gain.

it's much more likely that the hard drive itself will fail or a buggy
app corrupts the data or some other data loss, versus ransomware to
occur, yet for some reason, people get all freaked out about ransomware
and don't do *anything* to cover for the rest.

In article , Eric Stevens
wrote:


Why would anyone respond to that message? Why
engage them?

because they don't have a backup and have no choice.

those that do have backups don't need to pay anything, so they can tell
the scumbags to **** off, your little scam failed.

Would not your backup be at risk if it consists of a permanently
connected external drive?

a permanently connected external drive (or internal for that matter) is
not a backup. it's a second drive.

Alan Browne:
This Mac user would be up and running in 30 minutes or less and fully
recovered in a couple hours.

But then, ****, I've only been using, programming, building, repairing,
maintaining and backing up computers for 40 years.

Ah, well, you're still new at this. You'll get the hang of it after a
bit. 55 years for me, age 18, USAF.

--
I agree with almost everything that you have said and almost everything that
you will say in your entire life.

usenet *at* davidillig dawt cawm

On 2017-03-11 21:08:57 +0000, Eric Stevens said:

On Sat, 11 Mar 2017 12:47:49 -0500, nospam
wrote:
In article , David B.
wrote:


complete non-issue for those with a good backup strategy, regardless of
platform.

I seem to recall reading that simply using Time Machine, which is
physically connected to my iMac, will be inadequate protection against a
ransomware attack.

Is that right?

no it's not, but if you want to be safer, put it on the network.

As you know, I'm not a Mac user and I know almost nothing about how
time machine works. But can you tell me how in its normal installation
Time Machine is protected from and protects from Denial of Service
attacks?

The first clue as to how "Time Machine" works to backup all, or
selected files and folders on a Mac lies in its name.

After set up and initial back up, it will run at selected time
intervals to run a back-up/file update which is accessible for various
levels of recovery in date and time slices. These "time slices" can be
weekly, daily, but most commonly hourly, and occasionally a back-up on
demand. "Time Machine" keeps hourly backups of files for the previous
24 hours, then a single daily backup of your files for each of the last
30 days, and then weekly backups until such point as the backup disk
becomes full and TimeMachine needs to remove the oldest backups to make
space for new ones.

If you don't care to make hourly back-ups and prefer to isolate your
back-up drive between back-ups, you can always connect the drive to the
computer and make an on demand back-up, and then disconnect. This needs
a good amount of discipline to keep up, as doing things that way can be
a royal PIA, and is subject to lapses.

Using this method limits an hourly back-up to a few Mb to multiple GB.
This means that once the damage or contamination event is identified,
recovery of files, damaged or otherwise contaminated can be easily
located.

So each recovery can be made back to a known clean back-up which is
going to be isolated from a contamination event.

--
Regards,

Savageduck

On Sat, 11 Mar 2017 16:51:25 -0500, nospam
wrote:

In article , Eric Stevens
wrote:


complete non-issue for those with a good backup strategy, regardless of
platform.

I seem to recall reading that simply using Time Machine, which is
physically connected to my iMac, will be inadequate protection against a
ransomware attack.

Is that right?

no it's not, but if you want to be safer, put it on the network.

As you know, I'm not a Mac user and I know almost nothing about how
time machine works.

then why did you start a thread about mac ransomware?

I didn't. I started a thread about 'Ransomware for everybody' and
added a note that Macs were not excluded.

But can you tell me how in its normal installation
Time Machine is protected from and protects from Denial of Service
attacks?

dos attacks aren't the issue.

Quite right. I hit the wrong mental macro key. I intended
'ransomware'.

time machine can use a directly attached drive or a network drive.

for the former, the drive can be unmounted when not needed even if it
remains physically connected. for the latter, it's only mounted when a
backup is taking place.

OK. I presume that you have to be there while the backup is being
done. I would have to give up my 2am backups.

in the unlikely event malware hits, the malware would need to know
there is an unmounted time machine drive, find it, mount it and then
attack it.

Slim chance, I agree.

while it's theoretically possible for that to happen, the chances are
for all intents, zero. it's also possible a meteor will hit your house,
and the chances for that too is for all intents, zero.

malware authors are not going to bother with edge cases such as that
when what they're doing already has billions of potential targets, most
of whom do not have any backup at all. it's far too much work for very
little gain.

it's much more likely that the hard drive itself will fail or a buggy
app corrupts the data or some other data loss, versus ransomware to
occur, yet for some reason, people get all freaked out about ransomware
and don't do *anything* to cover for the rest.

So time machine won't be sufficient on its own.
--

Regards,

Eric Stevens