by Karl Denninger
This is thought of as an easy attack.
CNBS ran a story this morning. I’ve personally had two friends who ran into this and had their files encrypted over the last year. There is typically no way to undo that; you can restore the machine but of course the files are still gone.
Here’s the problem, as I see it: How is it that a “program”, in this day and age, can be run from the Internet (or a received email) that wants to insert itself into the disk I/O system and operate in the background, both of which have to happen for this sort of attack to work, and not cause the operating system to throw up all over it without multiple, dire-warning style notifications that you are very likely about to be screwed?