Friday, June 30, 2017

Latest cryptolocker outbreak

As if the latest crypto ransomware outbreak of NotPetya isn't bad enough, the operator of the e-mail service that the scammer was using for communications (posteo.net) has, in what can only be described as a moment of blinding stupidity, shut down the e-mail account he was using.

Yes, no doubt it follows their standard procedures, and I realise that they don't want their platform being used for illegal activity.  But you're fucking morons.  Now anyone who gets infected has zero way of decrypting their PC, because they can't communicate with the scumbag to retrieve their decryption key!

Would it have killed them to act like a responsible netizen, and maybe reach out to law enforcement to offer whatever assistance they could in tracking down whoever was accessing the account?  Nope, fuck everyone, let's just delete it.  Cretins.

The only good news about this is very much hidden inside some further bad news.  Apparently, unlike the recent Petya outbreak, NotPetya doesn't generate a valid encryption key - so there's no way of returning a decryption key either.  If correct, there's no point in paying the ransom, because you're just setting fire to money.

Oh yeah - just for fun, it scrubs the MBR too.  Time to reach for the install disk.

What is good news is that the NotPetya installer looks for a certain file on the PC to determine if it's been infected yet, and if it finds that, it aborts.  So while it isn't possible to disinfect a PC, it is possible to immunize one against infection.  Suggest that everyone do so immediately; the batch file linked to on the page is safe.

Here's the code for the enthusiasts:

@echo off

REM Administrative check from here: https://stackoverflow.com/questions/4051883/batch-script-how-to-check-for-admin-rights
REM Vaccination discovered by twitter.com/0xAmit/status/879778335286452224
REM Batch file created by Lawrence Abrams of BleepingComputer.com. @bleepincomputer @lawrenceabrams

echo Administrative permissions required. Detecting permissions...
echo.

REM "net session" only succeeds in an elevated prompt, so errorlevel 0 means we are running as Administrator.
net session >nul 2>&1

if %errorLevel% == 0 (
    REM The marker file already exists, so there is nothing to do.
    if exist C:\Windows\perfc (
        echo Computer already vaccinated for NotPetya/Petya/Petna/SortaPetya.
        echo.
    ) else (
        REM Create the marker files the installer checks for.
        echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya. > C:\Windows\perfc
        echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya. > C:\Windows\perfc.dll
        echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya. > C:\Windows\perfc.dat

        REM Mark the files read-only.
        attrib +R C:\Windows\perfc
        attrib +R C:\Windows\perfc.dll
        attrib +R C:\Windows\perfc.dat

        echo Computer vaccinated for current version of NotPetya/Petya/Petna/SortaPetya.
        echo.
    )
) else (
    echo Failure: You must run this batch file as Administrator.
)

pause
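
To confirm afterwards that a machine actually carries the marker files, here is an added PowerShell check (not part of the original batch file or of BleepingComputer's code). The function name Test-PerfcVaccination and its output columns are made up for this example; the three file names and the C:\Windows path are the ones the batch file writes.

```powershell
# Added example: audit the vaccination marker files created by the batch file above.
# Test-PerfcVaccination is a hypothetical helper name, not an existing cmdlet.
function Test-PerfcVaccination {
    param(
        # Same hard-coded directory the batch file uses.
        [string]$WindowsDir = 'C:\Windows'
    )

    $names = 'perfc', 'perfc.dll', 'perfc.dat'
    foreach ($name in $names) {
        $path = Join-Path $WindowsDir $name
        # -Force so a hidden file is still found; a missing file yields $null.
        $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
        $isFile = [bool]($item -and -not $item.PSIsContainer)
        [pscustomobject]@{
            Path     = $path
            Exists   = [bool]$item
            # The batch file writes plain files; a directory of the same name is flagged.
            IsFile   = $isFile
            # attrib +R in the batch file sets this attribute.
            ReadOnly = [bool]($isFile -and $item.IsReadOnly)
        }
    }
}

$report = @(Test-PerfcVaccination)
$report | Format-Table -AutoSize

# Treat the machine as vaccinated only when all three markers are read-only files.
$bad = @($report | Where-Object { -not ($_.IsFile -and $_.ReadOnly) })
if ($bad.Count -gt 0) {
    Write-Output "Not fully vaccinated: $($bad.Count) marker file(s) missing or writable."
} else {
    Write-Output 'Vaccinated: all three marker files exist and are read-only.'
}
```

Reading the files does not need elevation, so this can run as a normal user.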

Tuesday, May 23, 2017

no-ip.com, no-thought.com

dear no-ip.com,

please stop sending me useless and unproductive renewal notices for my reverse DNS renewal account each month.

your service is not worth paying for, I use it because it's free.  if I have to pay for it, I will abandon it for something else.  probably also free, if not I'll pay someone else on the grounds of their being less annoying alone.  spamming me will not change that, so all you are doing is wasting both your time and mine.

I realise that it costs you next to nothing to send me a false-hope nag renewal every month.  please understand that it only cost me a few minutes to automate a response, so from now on, you're wasting your time alone.

like many others in the online industry, you have confused ability to annoy with translation to some sort of branch to profitability.  sorry, but that archaic thinking went out the window right around the time that the average consumer had the technical ability to fight back.  and we're a hell of a lot more agile than you, and with the groupthink of the entire planet focused on you - good luck.  I hope you don't have a lot of investment options yet to vest on that one.

sincerely, and with all due respect, fuck you.

technorantia.

Tuesday, April 11, 2017

Saturday, April 8, 2017

Embedding gfycat GIFs

Just an aide-mémoire on how to do this; it was enough of a pain to figure out once.

<script type="text/javascript" src="https://assets.gfycat.com/gfycat.js"></script>
<img class='gfyitem' data-id='gfycatmedianame' />

Reset the clock

You know, it would be nice if we could just get through ONE week without a raghead muslim terrorist act, you know?

CCTV of the cultural enrichment in progress:



And the aftermath.  How's that open-door immigration policy working out for you, Sweden?


Tuesday, April 4, 2017

Overentitled prat of the day

You wouldn't think it was possible for most BMW drivers to be bigger knobs, but yes it can be done.

Note the TWO reserved car park spaces.