To my understanding, scaling production to bring prices down due to economy of scale is the part of the initial plan, which was based on the data about climate change. So these things are connected.
I am still using Windows 10. A major reason for me to not upgrade is all the media coverage of ads, user tracking, forced subscriptions and unnecessary AI features in Windows 11. Also, Windows 10 is just plain really good. I do have TPM and strong hardware. Windows 11 reputation is the main concern.
So let's imagine a company like Garmin experiences a ransomware attack. Their business is paralyzed. What would stop them from paying the ransom and what could possibly be an alternative to that?
They can bring their systems back up and operational for less cost (both immediate, but also payroll during the fix, lost revenue from both downtime and reputationally after they're back, and opportunity cost off the top of my head).
Your only two options are to rebuild on your own at significant cost or pay the ransom. There were long, heated discussions about what to do, and several people suggested paying the ransom, but we ultimately decided not to, and it ended up costing more than the ransom if you factor in payroll and lost revenue.
I still think out of principle you shouldn't pay the ransom, ever. Assume whatever the ransom would cost is already gone; if you can rebuild for less than that (you probably can't), it's a win.
But even when paying the ransom, you still need to roll back a portion of your environment after you've assessed the intrusion. Can you really trust you've patched everything and removed all trace of persistence that was put by the attacker as a contingency to get back in the system?
That's the job of an external cyber incident response team who can trace how it occurred and check that the vulnerability has been appropriately eradicated and locked before resuming business operations.
> I still think out of principle you shouldn't pay the ransom, ever
There may have been a time when a company would act on principle, but I think it's very rare today. You hardly even expect people to do that. It's the world we have made.
All human activities, including things like principles, charity, sacrifice, and duty, are ultimately self-serving attempts by the biological DNA and cultural memes that constitute us to replicate and improve its standing.
Nothing, so far. The alternatives to that would be to legislate penalties for paying, to mandate certain precautions like regular offline backups (which could usually be done through regulation), to forbid the government from doing business with entities that have paid in the past X time (procurement regulations are somewhat flexible) and/or to task some government agency with aiding private sector entities in recovery if they don't pay (which has varying difficulty depending on the jurisdiction).
Obviously none of these make it impossible, but the goal needs to be to tip the value proposition the other way.
There are a handful of problems with this approach, which is part of why these types of insurance policies are incredibly expensive. The entire MO of these operations is to infect a company's systems and wait until most or all of the backups are affected before locking the system down. They will wait months, or for bigger targets, years.
That doesn't help. The system is already infected when the backups are taken, therefore the backups are infected. That's why these criminal organizations wait months until actually locking your system down, so that your oldest backups are deleted by retention policy. If they have access to your system and can figure out what your backup retention policy is, they'll set it to go off at the point when all your backups are infected.
Ransomware is often not triggered quickly. They will compromise a box, install a back door, and hang onto it for months. You also have to consider that once they pop it, they can check other vulns that are available and will still be present after the restore.
When I do remediation I usually recommend restoring only business state but installing and configuring all OSes and applications from scratch with the latest freshly downloaded versions. You can't trust any executable or DLL that has been lying around.
That is not the restore dream that the backup provider sold them, but reinfection is common. Once the bad guy has a privileged credential it is trivial for them to investigate for other vulns to use in the reinfection phase, and nobody has just one critical vuln. If a business is susceptible to NTLM relay it's also going to have unsigned SMB and non-encrypted LDAP traffic for the same root cause -- it was the default in 2005 and never got modernized.
For a concrete example, someone could infect an image storing service with code that encrypts (and silently decrypts) the data when it's stored / retrieved. When the hacker removes the decryption key from the running service, the backups will also be inaccessible because they are also encrypted.
Are user accounts data or systems? Compromise of AD is a very common means. That said, this can still be fixed before putting it back where it could reach the internet and cause trouble.
No reason such an insurance company couldn't be run in the early/mid 20th century manner, entirely with paper records. Send carbon copies of all documents to two remote locations to eliminate the threat of a fire wiping out the records.
This is easy. It requires you to hire a lot of human clerks, but since the customers are large businesses that means there aren't a whole lot of customers in the first place. And if you can't get enough typewriters, there's no reason the clerk work couldn't be done on computers connected to printers, with all document storage still being done on paper. If the computers get pwned, throw them out and buy new ones; it doesn't matter because the documents weren't being stored on those computers.
The dumbest take of companies was assuming insurance companies would keep paying their ransom because they were thinking fixing their networks was less important.
False positives are indeed a major problem with big tech. Just got into the situation myself when I was traveling to France and wanted to order some food with Deliveroo. Their antifraud systems banned me without any option to prove my legitimacy. Needless to say, I just normally wanted to order something to eat, and I later used Uber Eats without any problems. Permanent ban without a procedure to correct an antifraud false positive (most likely due to my bank card being issued outside of France).
Also, worth mentioning that I was banned after I had contacted the support because my orders were being rejected (this was my initial problem and the reason I contacted the support). It was the support team who banned me. This is a problem of its own: legitimate users should not be discouraged from contacting the support.
The real threat came from the fine the government intended to impose on the companies. They threatened to fine not a fixed amount, as they did before, but to calculate it from the turnover values, which could result in millions of dollars. The Russian government recently fined Booking almost 18 million USD. For Google and Apple the fine could be even bigger.
The threat to employees, on the other hand, was not a real one; there is no one to legally prosecute in the Russian subsidiaries of the companies.
Without knowing much about the specifics... A threat can be totally real, even if "there is no one to legally prosecute". In most countries (even in countries that most people would consider more democratic), if people in power want to "make a point", they will find a way.
I'm an immigrant who moved from Hungary to Germany, lived in Spain and Mexico, and I know many examples from all countries where people in power got their way through various ways, even if they had no legal way to enforce their will on others. Also do not forget, if you control legislation, the judges, the constitution, the police, etc, what is legal one day, can become illegal and prosecuted and persecuted pretty quickly.
They don't need legal grounds to harm any Russian citizen. Over the last several years political repression has been gaining momentum, and there's less and less care about keeping it within the legal field.
While the Stripe team is great and it's always good to place all services under one roof, both registering a US corporation and opening a US bank account online is not something new. Harvard Business Services (www.delawareinc.com) has done company formation for startups for years, and the fee is nicer ($250 single payment + $50/year for registered agent vs Atlas $500 single payment + $125/year for registered agent). Atlas is twice as expensive, which may be sensitive for early-stage startups.
We formed a C-corp with HBS. Then we opened an SVB account for free, printed standard incorporation docs, got an EIN from the IRS and opened an account with Braintree (could be Stripe as well), all for free. We just had to use different websites instead of one, but no additional difficulties.
Now it would not surprise me much even if they go public (IPO), before releasing the actual product to the market. That would be a nice precedent for the tech startup industry.
The August 2014 beta build was a really small update and the only one in 2014. To be honest, my feeling also was that the project had been abandoned. ST3 was silent for about a year and is supported by a single developer (as far as I understand it). No updates (except for the one in August) at the time of the Atom release; this looked like there was no more motivation for the Sublime Text developer. I am really happy that it's not true and Sublime is active again in 2015.
From the look of it, it seems that the dev works very intermittently on Sublime.
For my part, I would like to see something like LimeText (open source Sublime clone) gain some traction. The ST development cycle does not inspire a lot of confidence in me.
I agree, that's why I say it was almost inactive for about a year, not 15 months. The point is, the real delay was bigger than 6-9 months, at least that's how one could think about it.