
Maybe I'm missing something, but is there any evidence that this is actually a 0day attack? I didn't study the last outbreak that closely, but it seemed like it was a vulnerability that had been patched, but affected computers that weren't patched. Maybe I'm wrong though. But 0days or no, there will always exist some number of computers that have not been properly kept up-to-date and thus will be vulnerable to security exploits even after they've been disclosed and patched.



No, it's probably not a 0-day this time. But this exploit used to be an NSA 0-day before it became public. Everything that's happening now is the "lite" version of what the NSA is capable of.


Yeah, and the Department of Defense is capable of nuking major cities. And it's about as relevant to this discussion.


It's relevant because it's like the nukes were stolen, and it will continue to happen.


I'd argue it's relevant because you can't CTRL+C CTRL+V a nuke.


But would you download a car?


Yes.


Let me know when the DoD routinely has their nukes stolen, possibly without them ever knowing.


Everyone would notice a nuclear attack. NSA exploiting vulnerabilities to their own ends, not so much.


This is absolutely detectable, and IDS signatures already exist for EternalBlue (let alone the fact that it was patched by Microsoft in March).


The previous one, WannaCry, was based on a vulnerability that was patched on later OSes. Microsoft went back and retroactively added patches for unmaintained operating systems (like XP).

It was based off an SMB exploit released in a Shadow Brokers dump; an unreleased exploit thought to have been used by the NSA.


> But 0days or no, there will always exist some number of computers that have not been properly kept up-to-date and thus will be vulnerable to security exploits even after they've been disclosed and patched.

You are correct about this. Patches were released in March, but many seem to have put off security-critical patching.


> Patches were released in March, but many seem to have put off security-critical patching.

In fairness to some of the unpatched - the last round of Windows 10 updates refused to install on some machines (well, mine and some others on Twitter), and trapped me in an endless loop of download-install-fail-download. When this happened my landline internet was down, so this was happening over 4G tethering, and burning up $20/day in cellphone data until I just turned off my internet/tethering.

I'm not saying don't patch (you should!), just that even people trying to stay patched and do the right thing can find they're unable to do so.


You are absolutely correct; people are even still wary after the aggressive Windows 10 update tricks, so it is extremely unfortunate yet does make some sense.

I hope Microsoft can find a way to earn trust back; this problem is going to get much worse if people do not install security patches ASAP when released.



