• We've upgraded our forums. Please post any issues/requests in this thread.

WannaCry: Its Origins, and Why Future Attacks may be Worse

Joined
Aug 20, 2007
Messages
7,369 (1.95/day)
Likes
6,498
System Name New Genesis
Processor AMD Ryzen 7 1800X @ 4.1GHz All Cores
Motherboard GIGABYTE Aorus Gaming 5
Cooling Noctua NH-U14S CPU Cooler with dual fans,4x 120mm Sunon MagLev Blowers and 2x 120mm Corsair ML120Pro
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-1T
Video Card(s) EVGA Geforce GTX 1080 FTW2 w /iCX Cooler
Storage HGST Ultrastar 7k6000 2TB HDD w/ 128MBs of Cache
Display(s) Benq BL3200PT 1440p 32" LCD w/ AU Optronics AMVA true 10-bit 100% sRGB Panel
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus TItanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Keycaps, Blue legends
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores TS/FS Extreme: 10562: https://www.3dmark.com/fs/14260421 3575: https://www.3dmark.com/spy/2816092
#1
WannaCry, the Cryptographic Ransomware that encrypted entire PCs and then demanded payment via Bitcoin to unlock them, is actually not a new piece of technology. Ransomware of this type has existed nearly as long as the cryptocurrency Bitcoin has. What made headlines was the pace with which it spread and the level of damage it caused to several facilities dependent on old, seldom-updated software (Hospitals, for example). It's not a stretch to say this may be the first cyberattack directly attributable to a civilian death, though that has not been concluded yet as we are still waiting for the dust to settle. What is clear however is WHY it spread so quickly, and it's quite simple really: Many users don't have their PCs up to date.

Show full news post
 
Joined
Aug 20, 2007
Messages
7,369 (1.95/day)
Likes
6,498
System Name New Genesis
Processor AMD Ryzen 7 1800X @ 4.1GHz All Cores
Motherboard GIGABYTE Aorus Gaming 5
Cooling Noctua NH-U14S CPU Cooler with dual fans,4x 120mm Sunon MagLev Blowers and 2x 120mm Corsair ML120Pro
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-1T
Video Card(s) EVGA Geforce GTX 1080 FTW2 w /iCX Cooler
Storage HGST Ultrastar 7k6000 2TB HDD w/ 128MBs of Cache
Display(s) Benq BL3200PT 1440p 32" LCD w/ AU Optronics AMVA true 10-bit 100% sRGB Panel
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus TItanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Keycaps, Blue legends
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores TS/FS Extreme: 10562: https://www.3dmark.com/fs/14260421 3575: https://www.3dmark.com/spy/2816092
#2
Notice: This is marked as an editorial, so treat it as such. This is not news and it may/may not make baby Jesus cry.
 
Joined
Aug 13, 2010
Messages
3,118 (1.16/day)
Likes
1,555
System Name The "Oh shit we have competition"
Processor Core i7 8700K @ 4.8Ghz
Motherboard Gigabyte Z370 Ultra Gaming
Cooling Custom WC & 240MM Rad
Memory G.Skill Ripjaws 4 DDR4 2666Mhz 16GB
Video Card(s) Palit Jetstream GTX 1080 OC 8GB
Storage 5TB HDDs + 1TB SSDs
Display(s) U2713HM + 2433T + XL2430T 144Hz
Case Corsair Carbide Air 540
Power Supply Antec Edge 750W
Mouse The almighty Logitech G400
Keyboard Cougar 600K Cherry-MX Blue
Software Windows 10 Pro
#3
Some people thrive on chaos. They will continue doing it
 
Joined
Oct 2, 2004
Messages
12,367 (2.56/day)
Likes
5,816
Location
Europe\Slovenia
System Name Dark Silence 2
Processor Intel Core i7 5820K @ 4.5 GHz (1.15V)
Motherboard MSI X99A Gaming 7
Cooling Cooler Master Nepton 120XL
Memory 32 GB DDR4 Kingston HyperX Fury 2400 MHz @ 2666 MHz 15-15-15-32 1T (1.25V)
Video Card(s) AORUS GeForce GTX 1080Ti 11GB (1950/11000 OC Mode)
Storage Samsung 850 Pro 2TB SSD (3D V-NAND)
Display(s) ASUS VG248QE 144Hz 1ms (DisplayPort)
Case Corsair Carbide 330R Titanium
Audio Device(s) Creative Sound BlasterX AE-5 + Altec Lansing MX5021 (HiFi capacitors and OPAMP upgrade)
Power Supply BeQuiet! Dark Power Pro 11 750W
Mouse Logitech G502 Proteus Spectrum
Keyboard Cherry Stream XT Black
Software Windows 10 Pro 64-bit (Fall Creators Update)
#4
What's funny is that people who were using any kind of worthy AV (not Windows Defender) were protected since February 2017 when most companies captured early strains.
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
20,921 (6.24/day)
Likes
10,022
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) PowerColor PCS+ 390 8 GiB DVI + HDMI
Storage Crucial MX300 275 GB, Seagate 6 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek Onboard, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
#5
This is why I wish John McAfee won POTUS. As the internet grows, attacks like this are going to become a near daily occurrence. Everyone needs to up their security game. More importantly, the internet itself has to change to counter cyber attacks.

As for government finding exploits and not talking about them: remember that the NSA likely used an exploit like this (or maybe this very one) to launch a successful cyber attack against Iran's centrifuges. No one got hurt and Iran's nuclear ambitions were hugely damaged/delayed. I think NSA should adapt a policy like Google. If it finds an exploit, it gives itself some time to use it, then it notifies whomever can fix it (in this case Microsoft), and then it publishes a document detailing the exploit some time after that. NSA gets their covert tools and the holes get plugged (which helps the government too because there's a lot of Windows systems around).
 
Joined
Aug 20, 2007
Messages
7,369 (1.95/day)
Likes
6,498
System Name New Genesis
Processor AMD Ryzen 7 1800X @ 4.1GHz All Cores
Motherboard GIGABYTE Aorus Gaming 5
Cooling Noctua NH-U14S CPU Cooler with dual fans,4x 120mm Sunon MagLev Blowers and 2x 120mm Corsair ML120Pro
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-1T
Video Card(s) EVGA Geforce GTX 1080 FTW2 w /iCX Cooler
Storage HGST Ultrastar 7k6000 2TB HDD w/ 128MBs of Cache
Display(s) Benq BL3200PT 1440p 32" LCD w/ AU Optronics AMVA true 10-bit 100% sRGB Panel
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus TItanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Keycaps, Blue legends
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores TS/FS Extreme: 10562: https://www.3dmark.com/fs/14260421 3575: https://www.3dmark.com/spy/2816092
#6
As for government finding exploits and not talking about them: remember that the NSA likely used an exploit like this (or maybe this very one) to launch a successful cyber attack against Iran's centrifuges.
I might agree on that front but there was something very different about that exploit: It had nothing to do with networking. It targeted offline computers and was delivered via a USB stick to an offline network.

Obviously in that instance, care had been taken and the potential for network/internet abuse of that exploit was 0.

However, if it was a networkable worm (unclear on this) what would've happened had that been leaked? You know the answer. The NSA isn't a vault of security as of late.

It may not even have been an exploit for that matter. More likely, knowing that USB drivers are privileged, it was simply a modified USB stick. That's relatively trivial if you know firmware programming.
 
Joined
Nov 21, 2010
Messages
595 (0.23/day)
Likes
195
Location
Right where I want to be
System Name Ratchet
Processor Ryzen 1700X
Motherboard Crosshair VI Hero
Cooling Custom Loop, Ek blocks 280mm Rad
Memory 16gb TridentZ RGB DDR4 3000
Video Card(s) 1x ASUS STRIX RX480 OC(flashed to 580)
Storage JBOD
Display(s) HP ZR24w
Audio Device(s) Asus Xonar STX II
Power Supply Seasonic X-series Gold 850W
Mouse Corsair Scimitar
Keyboard Corsair K70 Rapidfire
Software Windows 10
#7
What's funny is that people who were using any kind of worthy AV (not Windows Defender) were protected since February 2017 when most companies captured early strains.
Also the only people who were affected were the ones who weren't up to date on patches. Pointing out choice of AV at this point is like discussing what dental dam to use after going at it raw. Pointing out which AV being used is like telling car owner who's left all their doors unlocked with the keys in the ignition and as a result had their car stolen, people who were using x security system didn't get their car stolen.
 
Last edited:
Joined
Aug 20, 2007
Messages
7,369 (1.95/day)
Likes
6,498
System Name New Genesis
Processor AMD Ryzen 7 1800X @ 4.1GHz All Cores
Motherboard GIGABYTE Aorus Gaming 5
Cooling Noctua NH-U14S CPU Cooler with dual fans,4x 120mm Sunon MagLev Blowers and 2x 120mm Corsair ML120Pro
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-1T
Video Card(s) EVGA Geforce GTX 1080 FTW2 w /iCX Cooler
Storage HGST Ultrastar 7k6000 2TB HDD w/ 128MBs of Cache
Display(s) Benq BL3200PT 1440p 32" LCD w/ AU Optronics AMVA true 10-bit 100% sRGB Panel
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus TItanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Keycaps, Blue legends
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores TS/FS Extreme: 10562: https://www.3dmark.com/fs/14260421 3575: https://www.3dmark.com/spy/2816092
#8
Also the only people who were affected were the ones who weren't up to date on patches.
Yep, and as I noted, that's a lot more than we'd like to think.
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
20,921 (6.24/day)
Likes
10,022
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) PowerColor PCS+ 390 8 GiB DVI + HDMI
Storage Crucial MX300 275 GB, Seagate 6 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek Onboard, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
#9
I might agree on that front but there was something very different about that exploit: It had nothing to do with networking. It targeted offline computers and was delivered via a USB stick to an offline network.

Obviously in that instance, care had been taken and the potential for network/internet abuse of that exploit was 0.

However, if it was a networkable worm (unclear on this) what would've happened had that been leaked? You know the answer. The NSA isn't a vault of security as of late.

It may not even have been an exploit for that matter. More likely, knowing that USB drivers are privileged, it was simply a modified USB stick. That's relatively trivial if you know firmware programming.
How do you think it infiltrated the facility in the first place? It attacked Windows (USB, RPC, Printer Sharing, fake shortcuts, JMicron/Realtek signed rootkit driver), then it silently infected devices on the network until it finds Siemens Step 7 industrial control software.
 
Joined
Jun 22, 2015
Messages
42 (0.05/day)
Likes
14
Processor 3570K/H²O H100i
Motherboard AsRock Z77 extreme4-M µATX
Cooling H100i + Custom GPU Loop
Memory 4x4GB DDR2133
Video Card(s) Vega64/H²O Custom
Storage 850PRO 256/840EVO 256/2x750GB r0
Case FD Arc Mini R2
Power Supply Corsair 850W
#10
I don't think the NSA/CIA/GCHQ give a sh*t really.
If they could do this, and point the finger at the "Russkies" (or the next "Axis of Evil"), they would.

Its all fun and games for them (quite literally).

edit : Microsoft still haven't patched XP have they ?
 
Joined
Aug 20, 2007
Messages
7,369 (1.95/day)
Likes
6,498
System Name New Genesis
Processor AMD Ryzen 7 1800X @ 4.1GHz All Cores
Motherboard GIGABYTE Aorus Gaming 5
Cooling Noctua NH-U14S CPU Cooler with dual fans,4x 120mm Sunon MagLev Blowers and 2x 120mm Corsair ML120Pro
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-1T
Video Card(s) EVGA Geforce GTX 1080 FTW2 w /iCX Cooler
Storage HGST Ultrastar 7k6000 2TB HDD w/ 128MBs of Cache
Display(s) Benq BL3200PT 1440p 32" LCD w/ AU Optronics AMVA true 10-bit 100% sRGB Panel
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus TItanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Keycaps, Blue legends
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores TS/FS Extreme: 10562: https://www.3dmark.com/fs/14260421 3575: https://www.3dmark.com/spy/2816092
#11
Microsoft still haven't patched XP have they ?
They have, due to outcry.

How do you think it infiltrated the facility in the first place? It attacked Windows (USB, RPC, Printer Sharing, fake shortcuts, JMicron/Realtek signed rootkit driver), then it silently infected devices on the network until it finds Siemens Step 7 industrial control software.
As mentioned, it infiltrated via infected USB hardware.
 
Joined
Jul 16, 2014
Messages
1,668 (1.34/day)
Likes
818
Location
SE Michigan
System Name Dumbass
Processor AMD-9370BE @4.6
Motherboard ASUS SABERTOOTH 990FX R2.0 +SB950
Cooling CM Nepton 280L
Memory G.Skill Sniper 16gb DDR3 2400
Video Card(s) GreenTeam 1080 Gaming X 8GB
Storage C:\SSD (240GB), D:\Seagate (2TB), E:\Western Digital (1TB)
Display(s) 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Logitech G700s
Keyboard Logitech G910 Orion Spark
Software windows 10
Benchmark Scores http://i.imgur.com/gYkHqxU.jpg new pic soon.
#12
I don't think the NSA/CIA/GCHQ give a sh*t really.
If they could do this, and point the finger at the "Russkies" (or the next "Axis of Evil"), they would.

Its all fun and games for them (quite literally).

edit : Microsoft still haven't patched XP have they ?
actually they did, the released patch made headline news since so many were shocked that m$ put forth an effort..

Cant say much since I'll be accused of m$ bashing...

on second thought, I dont give a shit, if m$ receives any bashing, its prolly well deserved in one way or another, and maybe they might even step up a bit more often and fix exploits before they release them intentionally to the NSA/CIA/paying governments.
 
Joined
Nov 21, 2010
Messages
595 (0.23/day)
Likes
195
Location
Right where I want to be
System Name Ratchet
Processor Ryzen 1700X
Motherboard Crosshair VI Hero
Cooling Custom Loop, Ek blocks 280mm Rad
Memory 16gb TridentZ RGB DDR4 3000
Video Card(s) 1x ASUS STRIX RX480 OC(flashed to 580)
Storage JBOD
Display(s) HP ZR24w
Audio Device(s) Asus Xonar STX II
Power Supply Seasonic X-series Gold 850W
Mouse Corsair Scimitar
Keyboard Corsair K70 Rapidfire
Software Windows 10
#13
actually they did, the released patch made headline news since so many were shocked that m$ put forth an effort..

Cant say much since I'll be accused of m$ bashing...

on second thought, I dont give a shit, if m$ receives any bashing, its prolly well deserved in one way or another, and maybe they might even step up a bit more often and fix exploits before they release them intentionally to the NSA/CIA/paying governments.
That's crazy talk. If they were really working with spy agencies, it be far more easier for them simply to place a backdoor somewhere or write tailor-made software that defeats the OS security.
 
Joined
Nov 2, 2008
Messages
766 (0.23/day)
Likes
414
Processor Intel Core i3-4370
Motherboard Gigabyte GA-H97-D3H
Cooling Zalman CNPS9500 AT
Memory 16GB Crucial Ballistix Sport DDR3-1600
Video Card(s) Gigabyte GV-N75TOC-2GI GeForce GTX 750 Ti WindForce
Storage Crucial MX100 256GB SSD
Display(s) Acer G245HQ 23.6" LCD
Case Fractal Design Define R4 Black Pearl
Audio Device(s) Realtek ALC1150
Power Supply Corsair CX600M
Mouse Logitech M500
Keyboard Lenovo KB1021 USB
Software Windows 10 Professional x64
#14
There is some hope:

Proposed PATCH Act forces U.S. snoops to quit hoarding code exploits
http://www.theregister.co.uk/2017/0...o_force_intel_agencies_to_fix_found_exploits/

Two U.S. senators have proposed a law limiting American intelligence agencies' secret stockpiles of vulnerabilities found in products.

The Protecting our Ability To Counter Hacking (PATCH) Act would set up a board chaired by an Department of Homeland Security (DHS) official to assess security flaws spies have found in code and hardware, and decide if manufacturers should be alerted to the bugs so they can be fixed for everyone.​

Now all we have to do is get the pinheads in D.C. to pass the legislation into law....
 
Joined
Nov 21, 2010
Messages
595 (0.23/day)
Likes
195
Location
Right where I want to be
System Name Ratchet
Processor Ryzen 1700X
Motherboard Crosshair VI Hero
Cooling Custom Loop, Ek blocks 280mm Rad
Memory 16gb TridentZ RGB DDR4 3000
Video Card(s) 1x ASUS STRIX RX480 OC(flashed to 580)
Storage JBOD
Display(s) HP ZR24w
Audio Device(s) Asus Xonar STX II
Power Supply Seasonic X-series Gold 850W
Mouse Corsair Scimitar
Keyboard Corsair K70 Rapidfire
Software Windows 10
#15
That law doesn't protect us, it protects them. This law just absolves them of any wrongdoing should this happen again.
 
Joined
Nov 2, 2008
Messages
766 (0.23/day)
Likes
414
Processor Intel Core i3-4370
Motherboard Gigabyte GA-H97-D3H
Cooling Zalman CNPS9500 AT
Memory 16GB Crucial Ballistix Sport DDR3-1600
Video Card(s) Gigabyte GV-N75TOC-2GI GeForce GTX 750 Ti WindForce
Storage Crucial MX100 256GB SSD
Display(s) Acer G245HQ 23.6" LCD
Case Fractal Design Define R4 Black Pearl
Audio Device(s) Realtek ALC1150
Power Supply Corsair CX600M
Mouse Logitech M500
Keyboard Lenovo KB1021 USB
Software Windows 10 Professional x64
#16
I have to admit: Having a law is one thing; enforcing it is a different issue entirely....
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
20,921 (6.24/day)
Likes
10,022
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) PowerColor PCS+ 390 8 GiB DVI + HDMI
Storage Crucial MX300 275 GB, Seagate 6 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek Onboard, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
#17
There is some hope:

Proposed PATCH Act forces U.S. snoops to quit hoarding code exploits
http://www.theregister.co.uk/2017/0...o_force_intel_agencies_to_fix_found_exploits/

Two U.S. senators have proposed a law limiting American intelligence agencies' secret stockpiles of vulnerabilities found in products.

The Protecting our Ability To Counter Hacking (PATCH) Act would set up a board chaired by an Department of Homeland Security (DHS) official to assess security flaws spies have found in code and hardware, and decide if manufacturers should be alerted to the bugs so they can be fixed for everyone.​

Now all we have to do is get the pinheads in D.C. to pass the legislation into law....
I hope it passes but I'm sure people in the intelligence oversight committee are going to do everything they can to stop it. At the same time, it doesn't go far enough: manufactures should always be notified. Someone (implements inherit bias either towards notification or away from it) shouldn't be deciding which holes will deliberately be left open and which won't. Government needs a standard operating procedure where the manufacture is always notified, it's just a matter of when.
 
Joined
Nov 21, 2010
Messages
595 (0.23/day)
Likes
195
Location
Right where I want to be
System Name Ratchet
Processor Ryzen 1700X
Motherboard Crosshair VI Hero
Cooling Custom Loop, Ek blocks 280mm Rad
Memory 16gb TridentZ RGB DDR4 3000
Video Card(s) 1x ASUS STRIX RX480 OC(flashed to 580)
Storage JBOD
Display(s) HP ZR24w
Audio Device(s) Asus Xonar STX II
Power Supply Seasonic X-series Gold 850W
Mouse Corsair Scimitar
Keyboard Corsair K70 Rapidfire
Software Windows 10
#18
I hope it passes but I'm sure people in the intelligence oversight committee are going to do everything they can to stop it. At the same time, it doesn't go far enough: manufactures should always be notified. Someone (implements inherit bias either towards notification or away from it) shouldn't be deciding which holes will deliberately be left open and which won't. Government needs a standard operating procedure where the manufacture is always notified, it's just a matter of when.
The way I understood the law they don't have to disclose any holes as long as they don't exceed a predetermined amount, when they do the evaluate which ones to keep and which to disclose. Kind of like a kid with too many toys and have to figure out which toys they need to send to the goodwill in order close the lid on the chest. Now what's stopping them from giving themselves a toy chest bigger than one they'll ever need?
 
Joined
Oct 22, 2014
Messages
5,294 (4.60/day)
Likes
3,225
Location
Sunshine Coast
System Name Black Box
Processor Intel i5 3570K @ 3.8GHz
Motherboard Asrock Z77 Extreme 4 ATX
Cooling Antec C400
Memory G. Skill 8Gb (2x4Gb) 2133Mhz
Video Card(s) iGPU
Storage Sandisk X 400 256Gb
Case Antec Sonata (don't laugh)
Audio Device(s) No need.
Software W7 Home Premium 64 bit
#19
As mentioned, it infiltrated via infected USB hardware.
They also have the ability to carry out over the air exploits on remote machines that are not connected, without physical access, so even unplugging from the net is by no means a protection.
 
Joined
Aug 20, 2007
Messages
7,369 (1.95/day)
Likes
6,498
System Name New Genesis
Processor AMD Ryzen 7 1800X @ 4.1GHz All Cores
Motherboard GIGABYTE Aorus Gaming 5
Cooling Noctua NH-U14S CPU Cooler with dual fans,4x 120mm Sunon MagLev Blowers and 2x 120mm Corsair ML120Pro
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-1T
Video Card(s) EVGA Geforce GTX 1080 FTW2 w /iCX Cooler
Storage HGST Ultrastar 7k6000 2TB HDD w/ 128MBs of Cache
Display(s) Benq BL3200PT 1440p 32" LCD w/ AU Optronics AMVA true 10-bit 100% sRGB Panel
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus TItanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Keycaps, Blue legends
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores TS/FS Extreme: 10562: https://www.3dmark.com/fs/14260421 3575: https://www.3dmark.com/spy/2816092
#20
They also have the ability to carry out over the air exploits on remote machines that are not connected, without physical access, so even unplugging from the net is by no means a protection.
Bridging air gap networks typically relies on "sneaker net" (Infected media of some type).

That's what I was referring to.
 
Joined
Mar 18, 2008
Messages
2,750 (0.77/day)
Likes
1,710
System Name Virtual Reality / Bioinformatics
Processor Undead CPU
Motherboard Undead TUF X99
Cooling Noctua NH-D15
Memory GSkill 128GB DDR4-3000
Video Card(s) Sapphire R9 Fury X
Storage Samsung 960 Pro 1TB, Crucial MX200 500GB
Display(s) Acer K272HUL, HTC Vive
Case Fractal Design R5
Power Supply Seasonic 850watt
Mouse Logitech Master MX
Keyboard Corsair K70 Cherry MX Blue
Software Windows 10 Professional/Linux Mint
#21
And some people still think internet of things is a good idea. Yeah right, imagine all of your appliances are now turned into bricks and constantly reminding you need to pay to have them fixed. IoT is one of the stupidest idea ever invented under the cloud computing BS. Take a look at the mother nature as our best teacher. After billions years of evolution are species happily sharing genetic information? Hell no. Each individual species have built up their defense to degrade foreign DNA as much as they can. Even your sweat contains trillions of RNAse that will degrade ANY RNA you may touch.

Get everything into the net is a horrible horrible idea. It is just TNT waiting for a spark. Unfortunately the Wannacry situation showed as there are no shortages of such spark.
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
20,921 (6.24/day)
Likes
10,022
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) PowerColor PCS+ 390 8 GiB DVI + HDMI
Storage Crucial MX300 275 GB, Seagate 6 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek Onboard, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
#22
That one attack that happened recently was conducted by leveraging IoT products (like internet-connected security cameras). IoT always was and always will be a terrible idea. Manufacturers creating updates is not likely in the first place, compound that with actually installing the updates (especially on IoT products where people assume it's perfectly safe by nature) and massive attacks are going to become increasingly commonplace.

At least there's intelligent enterprise routers out now that perform deep packet inspection to find and stop malicious activity. Systems like that need to be rolled out to all consumers stopping widespread infections before they start.
 

Frick

Fishfaced Nincompoop
Joined
Feb 27, 2006
Messages
14,881 (3.45/day)
Likes
5,413
System Name A dancer in your disco of fire
Processor i3 4130 3.4Ghz
Motherboard MSI B85M-E45
Cooling Cooler Master Hyper 212 Evo
Memory 4 x 4GB Crucial Ballistix Sport 1400Mhz
Video Card(s) Asus GTX 760 DCU2OC 2GB
Storage Crucial BX100 120GB | WD Blue 1TB x 2
Display(s) BenQ GL2450HT
Case AeroCool DS Cube White
Power Supply Cooler Master G550M
Mouse Intellimouse Explorer 3.0
Keyboard Dell SK-3205
Software Windows 10 Pro
#24
actually they did, the released patch made headline news since so many were shocked that m$ put forth an effort..

Cant say much since I'll be accused of m$ bashing...

on second thought, I dont give a shit, if m$ receives any bashing, its prolly well deserved in one way or another, and maybe they might even step up a bit more often and fix exploits before they release them intentionally to the NSA/CIA/paying governments.
Bash MS all you want, but be correct and coherent.

Worth noting is how windows 10 was/is not affected by the SMB spreading exploits.
 
Joined
Aug 20, 2007
Messages
7,369 (1.95/day)
Likes
6,498
System Name New Genesis
Processor AMD Ryzen 7 1800X @ 4.1GHz All Cores
Motherboard GIGABYTE Aorus Gaming 5
Cooling Noctua NH-U14S CPU Cooler with dual fans,4x 120mm Sunon MagLev Blowers and 2x 120mm Corsair ML120Pro
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-1T
Video Card(s) EVGA Geforce GTX 1080 FTW2 w /iCX Cooler
Storage HGST Ultrastar 7k6000 2TB HDD w/ 128MBs of Cache
Display(s) Benq BL3200PT 1440p 32" LCD w/ AU Optronics AMVA true 10-bit 100% sRGB Panel
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus TItanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Keycaps, Blue legends
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores TS/FS Extreme: 10562: https://www.3dmark.com/fs/14260421 3575: https://www.3dmark.com/spy/2816092
#25
Worth noting is how windows 10 was/is not affected by the SMB spreading exploits.
Incorrect. It was affected, the patch just got auto applied ontime. If you had updates disabled and used RTM, it was most certainly vulnerable.

NSA trying to destroid the Bitcoin and blaming to Nort Korea,,:pimp:
Lol, no. Just no.


This law just absolves them of any wrongdoing should this happen again.
Not what the bill proposes.