Now that the dust has settled, what do we really think of Wannacry and its ilk?


NSA + Russia helping to cull the weak. I approve of this malware.

Well, reports have been saying that very few people are paying. Maybe the media exposure will get enough people to finally realize that paying these guys is a bad idea. I think cloud-based storage going mainstream is helping a bit. Until the next celeb sexting cloud hack scares people off again.

>But really, it's just normies that fall for this shit.

There's been about $50,000 in payment, and it's apparently rising: cnbc.com/2017/05/15/wannacry-ransomware-hackers-have-only-made-50000-worth-of-bitcoin.html

also
>normies
a lot of the payment comes from companies who don't do cloud storage because muh trade secrets, sensitive info, and productivity, not some normalfag.

Are those addresses people are checking really the only ones? Shouldn't it be using unique addresses so it can match victims to payments?

Nothing. Happens on Linux as well

forums.gentoo.org/viewtopic-t-1060828.html

Does anyone still have the link to the Win 7 update for this? I had to format and lost the files

Just goes to show that only the alphabet agencies are the only ones responsible enough with the power these exploits provide.

Anyone know the full story behind this? In the end was it just because he did some retarded shit?

>was it just because he did some retarded shit?
>running FireFox as root
I dunno user, what do you think?

They clearly aren't responsible enough to keep hold of their exploits

>news ridiculing them for having made only 5000
>news ridiculing them for having made only 22000
>news ridiculing them for having made only 50000
>Deadline for file deletion isn't even near yet
So if I had to guess, the retards writing these articles are the ones who got affected by it and are trying to pull the old "I'M NOT EVEN MAD BRO"

this

>running firefox as root
>on gentoo

So, for winfags, should updates be mandatory?
I mean, keeping automatic updates is annoying and too much resource consuming

I think so.

At this point you know what you are getting into with Windows.

I think it's obvious what happened.

...

Windows 7 SP1, no updates here. The moment the Shadow Brokers files were made public I secured my system from glancing at Sup Forums shitposts; this was months ago, mind you.

Might be North Korea using NSA bugs leaked by Russians to rip off easy targets. Could have been much worse if they targeted companies and threatened leaks. Microsoft should have given away the xp patches, but the NSA should have secured their cyberweapons. A bug isn't an exploit.

Monthly patch cycle makes it easy.

Was the ReactOS SMB implementation affected?

>tfw it wasn't

1) get everyone on Windows 10 which is (((safe)))
2) forced automatic updates for everyone forever - no exceptions, no excuses
3) phase out sales of any HDDs as well as of SSDs larger than ~500 GB to private users, everyone must keep their data in TheCloud(tm) which is (((safe))) from ransomware
4) push legislation in all western/EU countries outlawing strong encryption, restricting its use to military/government agencies and institutions

>"if all of these were in place, ItWouldn'tHaveHappened(tm)!!!"

> dust has settled
It only began.

>could've taken a stealthy approach and used the exploits to create a botnet and drop the payload later for a much higher amount of victims
>lol no instant giant red window alerting everyone and their mother you exist
>lol kill switch
Wasted potential

Almost as retarded as running an unknown executable file despite Windows warning you multiple times.

Don't even joke about it. There's people who earnestly believe every word you just wrote.

Remember; darling of American gun control, Carolyn McCarthy, did not know what she was trying to ban. She specifically included barrel shrouds as an "assault feature". When asked by a radio host what she thought a barrel shroud was, she famously replied
>the shoulder thing that goes up

Laws are not made by people who know what they're doing.

If I remove the file extension of all my files, will Wannacry ignore the empty files?

>normie
Reddit scum
Besides, this mostly targets enterprise systems. Normal people caught up in this just got unlucky.

bbc.com/news/technology-39924318

code implies GMT+9 timezone, scale of attack, only 3 bitcoin wallets for ransomware, all of it implies retards (amateurs) or the Norks did it.

As of this evening news, it's well over $70,000 in known payments made so far.

No reports of a single computer getting unlocked.

This so much. Like it's out in the wild for a week, then you hit a week later. Personally, I think Thursday would have been better, and $50 would have been much easier to milk the people. Fix some of the first to respond to make it seem like you're keeping your word, but then after like 100 or so fuck em. You do this on a Thursday so it puts more pressure for them to pay up @ corps, and you shorten the time span to 36 hours & 4x in 4 days.

B-b-but if we outlaw encryption it won't stop the bad men from doing it. It only harms law abiding citizens.

North Korea really is best Korea

Same shit with arms ban, DRM, you name it. Criminals never care about the law, yet they are trying to outlaw things as if it made a difference to criminals.

At this point the malware authors are more trustworthy than the media and companies lying through their teeth to save face

Can someone explain how this happens? Do they target your ip and start sending you the malware and it gets onto your computer? I thought just being careful of what sites you use and having a firewall was enough

This sort of synchronized attack, you might think, would be the norm as a means of manipulating Wall Street or bitcoin values.

Necessary evil.
Everyone except the ones who lost data profits from this.

I'd love to see your argument in favor of guns but against DRM.

Civilians can make use of arms against tyranny.

Civilians cannot make use of DRM against tyranny.

It was just an example of something purportedly targeted against one group, but really hitting another because the first group doesn't give a fuck and gets around it anyway, while the second group is put at a disadvantage and becomes the victim.

>implying the kill switch isn't a red herring

Some programs are capable of inferring the filetype, like irfanview, so chances are it'll find them and encrypt them

it's a false flag
the killswitch should have made it obvious

It doesn't target jack shit. It's mostly about businesses being particularly vulnerable because they need and use SMB

There's already a version without the killswitch in the wild, it was just the author fucking up

some retard might have patched the malware himself

Fuck NSA and fuck Russians. Also fuck Microsoft for having a horrible update system and trying to pass the blame on others.

Still don't see how it's special compared to any other ransomware outbreak.

No, but backups should be.

I think this one uses exploits leaked from the NSA.

>As of this evening news, it's well over $70,000 in known payments made so far.
Normie I know paid and got nothing.

probably easier to write the program that way

>Fuck NSA and fuck Russians. Also fuck Microsoft for having a horrible update system and trying to pass the blame on others.
This really needs to be reported, had to go and fix multiple PCs where windows update had just been failing rather than installing updates.

Which they probably stole from the Russians, who copied it from a Chinese neckbeard who was trying to reverse engineer something made by a European malware writer.

When does Windows Update NOT do that? I'm yet to see a single installation where it actually works instead of being stuck on checking for updates or failing to install anything and having to revert it. It's a colossal pile of shit.

Regardless of the original source of the exploits, it's still fucking stupid that an agency tasked with the security of the nation isn't shoring up our defenses in favor of hoarding exploits to potentially use against political enemies.

win7's update system is completely broken
I bet it's intentional

>the NSA
>doing anything for the security of the nation or humanity

Ha.

>activate automatic updates in Win7
>30%cpu
>it does nothing

I didn't say that they do anything, I just said that they were tasked with doing something.

>dad regularly shits on windows in his facebook
>muh privacy muh automated updates
>gets hit with this thing
>fuckign windows peice of shit how can a company so big have such a security fail

what software does he use that necessitates he continue using this abomination?

how can somebody so retarded still be clever enough to run revision control/snapshots/regular automatic backups

Doesn't mean the author didn't fuck up. Hell, I don't think they even suspected they'd get this far

well he's a gentoo user so he just wants to fuck around

It spread insanely fast because no user input is required, no shady .exe; all the user knows is that suddenly they're infected

>Now that the dust has settled
Nice Reddit post

It's not affected, it just throws a kernel panic

Does anyone know if there's an exe of WanaCry, but without the decrypting of files?

I don't think anyone's made it, but you could easily just find the code for decrypting the files and replace it with nops.

Just see where the code jumps when you hit the decrypt button, dig a bit, and you should be able to find it. Based on the reports, I don't think there's much assembly-level obfuscation in this malware.

Fast high end encryption, where can I get the commercial version to encrypt muh drives?

Wait, if this is the case, isn't Kali Linux inherently insecure as you always run things as root by default?

>using kali as a daily driver

Fool.

>a lot of the payment comes from companies who don't do cloud storage...

Why don't companies just revert to images of infected PCs and restore data from backups?

When did I ever mention this? Stop assuming things.

> not running browser in a sandbox.

Yeah, he kinda asked for it.

It scans the net for windows computers with the smb exploit through port 445

I don't see any SMB on my computer.
Does that mean that it's enabled but doesn't appear here, or that it's disabled?

I don't see it in the task manager either (checked both the Processes and Services tabs).

Pls help.

It proved once again that many big organizations/companies are terrible at security.
I don't use terrible hyperbolically here, they're really really bad, like worse than your average Sup Forums user bad.

Because idiot admins configured backups in such a way that they got encrypted too.

The most popular explanation is this:
1. employee 1 receives an email with malicious code (either .exe file or some Word macro, Adobe shit...)
2. once employee 1's PC is infected it spreads to other employees through the SMB vulnerability

So you need to fuck up twice for this to happen.

Most of the time it's cheaper to pay up than take a lost day or two of work reverting to a previous backup. If they set the payment level at $3000 then no one would pay because it's cheaper to restore a week-old backup and redo the work. At $300 you are right on the limit of what people will pay to save the time and effort.

What's so bad about this?

>Ban encryption
>Get hit by ransomware
>FBI pull up and lock you up

Sp1 + cumulative updates from 2017

Macbook Pro with Retina Display doesn't have this problem

they fixed it after the windows 10 free upgrade period was up

Check your services for "Workstation" and "Server", those are the SMB ones. Or just install the patch Microsoft released if you care about SMB.

Oh yeah, I have those.

How do I deactivate them?
Is this guide [] legit?
I'm having trouble installing Powershell 2.0, so I need to either do it manually or with the CMD.

Dunno, you could just open services.msc and disable them normally, at least on Windows 7.
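
An added example, not part of the thread: a read-only PowerShell 2.0 check of the "Server" and "Workstation" services named above, the SMBv1 server registry switch, and whether anything is listening on TCP 445. The function name `Get-SmbExposure` is hypothetical, and the `SMB1` default described in the comments assumes Windows 7.

```powershell
# Added example: read-only audit, written for PowerShell 2.0 on Windows 7.
function Get-SmbExposure {
    $rows = @()

    # Display names "Server" and "Workstation" map to these service names.
    foreach ($name in 'LanmanServer', 'LanmanWorkstation') {
        $s = Get-WmiObject -Class Win32_Service -Filter "Name='$name'"
        if ($s) {
            $rows += New-Object PSObject -Property @{
                Component = $name; State = $s.State; StartMode = $s.StartMode }
        }
    }

    # The SMBv1 client is a kernel driver (mrxsmb10), so it is a driver entry
    # rather than a Win32 service and has to be queried separately.
    $d = Get-WmiObject -Class Win32_SystemDriver -Filter "Name='mrxsmb10'"
    if ($d) {
        $rows += New-Object PSObject -Property @{
            Component = 'mrxsmb10 (SMBv1 client driver)'
            State = $d.State; StartMode = $d.StartMode }
    }

    # SMBv1 server switch: DWORD value "SMB1". On Windows 7 a missing value
    # means the default, which is enabled; only an explicit 0 turns it off.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
    $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if ($p -and $p.SMB1 -eq 0) { $smb1 = 'disabled' } else { $smb1 = 'enabled' }

    # Anything listening on TCP 445? Assumes English netstat output ("LISTENING").
    $listeners = @(netstat -an | Select-String -Pattern ':445\s+\S+\s+LISTENING')

    New-Object PSObject -Property @{
        Components       = $rows
        Smb1Server       = $smb1
        Port445Listening = ($listeners.Count -gt 0)
    }
}

$r = Get-SmbExposure
$r.Components | Format-Table Component, State, StartMode -AutoSize
"SMBv1 server setting : $($r.Smb1Server)"
"TCP 445 listening    : $($r.Port445Listening)"
```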

>Now that the dust has settled

Why do people start threads off with that retarded line? The dust hasn't even settled yet, it's nowhere near, you stupid cunt.

Because it's an unfunny meme, same with "you have 10 seconds to defend your opinion", "x on suicide watch" and "there is literally no reason to use x" threads. Not sure why you're expecting Sup Forums to be anything other than a cesspool.