Cryptolocker (was RE: Is tape dead?

Chuck Guzis cclist at sydex.com
Wed Sep 16 13:10:50 CDT 2015


This brings up something that's always baffled me.

Why does a user's (or worse, the entire system's) files have to be 
immediately accessible to any application wanting to take a look.

Take a legacy example, SCOPE or NOS on a CDC mainframe.  At start of 
job, you start out with a null file set available to you, but for 
standard input and output pre-named files.

If you need a pre-existing "permanent" file, you attach that to your 
current session, providing the necessary password and other information, 
such as the cycle number--and then giving that file its own (local) 
name--i.e. user-permanent files have a different (usually longer) name 
than what they're known as locally.

To the best of my knowledge, outside of password leaks (a different 
password, if you wanted, for each type of access), we had no security 
issues.

The better approach in modern times, I suppose, is to sandbox your 
browser--and never, never, never browse with administrative privileges. 
(Something the average Windows user doesn't seem to understand).

Has cryptolocker ever invaded the world of Unix/Linux/BSD?

--Chuck



More information about the cctalk mailing list