deltree / rmtree *.* /s be better?
A surprisingly simple disk-wiping malware has set off alarm bells in Iran after surfacing in the Middle East nation. The software nasty deletes everything on storage drives attached to infected Windows PCs on specific dates, according to the Iranian security emergency response team. The malware was detected in one or more …
You would be surprised at the number of people, who should know better, who try a 'recovery CD' when something goes wrong and proceed to overwrite large portions of the HDD and previous file system tables and only THEN worry about what happened to their data.
Possibly recovered - if you happen to know someone who enjoyed doing those really large jigsaw puzzles, with names like "The World's Largest Jigsaw Puzzle" where all the pieces look the same. A moderately large, moderately fragmented disc with the File Table missing would be an excellent Christmas present for them.
Personally, I'd recommend imaging the disc and restoring from backup...
Presumably because the list of software produced by their friends is even shorter than the list of friends?
Given the development of such highly specialised code as Stuxnet, it seems probable that even if the Iranians used some flavour of Linux, those behind Stuxnet will work out how to cause trouble. The supposed security advantages of Linux probably won't help much if you've got the Israelis and the Yanks working together on it.
"Presumably because the list of software produced by their friends is even shorter than the list of friends?" -- well, there is that, but, if they are capable of developing nuclear power and (alleged) a nuclear weapons program; surely they can knock up an OS of their own.
"The supposed security advantages of Linux probably won't help much if you've got the Israelis and the Yanks working together on it." -- Absolutely, but, at least it would be more secure than the current system where a 12 year old skiddie can get access, as is the case with Windows.
"The supposed security advantages of Linux" -- supposed?
"if they are capable of developing nuclear power and (alleged) a nuclear weapons program; surely they can knock up an OS of their own."
You'd have thought so, but there are surprisingly few ground-up OSes developed that I've noticed, and I guess this reflects the fact that a true home brew needs the OS authors to write drivers and apps, so that altogether it is rather more than a trifling endeavour? And that assumes that you can write drivers for OEM hardware without their cooperation. Obviously if you just roll your own Linux flavour, that's a lot easier, but you're then making yourself vulnerable to the many clever people who know different flavours of Linux.
That Linux is more secure I don't dispute - but if placing money on Iranian Linux security holding out against the Israelis, I wouldn't put my money on the penguin.
If I were the Iranians (OK, apart from being less of a dick-dead than their example so far) I would go for Linux simply because it is open enough to allow a reasonable chance of an un-tainted OS for secure use.
Note, however, that is not saying Linux is totally secure, nor is it saying that Iranian BOFH are good enough to secure a working Internet-connected system against probing by NSA, Mossad, etc.
All it says is you can check for most obvious back door-like features, something you can't really do with Windows or OSX, and the history of UNIX/Linux is based on default-to-secure behaviour, which has taken MS time to catch up with.
""The supposed security advantages of Linux" -- supposed?"
Sticking to servers...
Linux is definitely better than Windows and maybe even that Apple thing, but it is unarguably not as good as some other open offerings (both historically and currently) - even when ignoring 'special purpose' operating systems.
Linux is good, but it is far from the best that is out there.
Downvote away if you really think GNU/Linux is as secure as secure gets.
Well, that's a part of it. But in the case of Iran, there's more to it than that. Remember there are also sanctions based on human rights violations. Note that I'm not claiming the sanctions have any chance of improving the situation, just that the US government has an additional restriction on them.
"I'm sure the CIA and the NSA are only too happy to pay Microsoft to give Windows to the Iranian government for free."
Probably broadly correct, though I doubt they'd be that obvious as it's likely to raise suspicion. More probable that- as part of their you-scratch-my-back-and-I'll-scratch-yours arrangement- MS simply agree to not cause any problems for people trying to install and activate pirated Windows and other products in Iran.
Wait, why are -we- using Windows, then?
Big respect for the suggestion that Microsoft Windows cannot be sold to Iran due to concern for human rights. After all, it violates mine. If this is written down somewhere, I want to know particularly if there is a right to not have the PC freeze from time to time for a full minute for NO REASON. Maybe I should move to Iran and get liberated.
Deleting data is very obvious, easily detected and easily repaired. What a pro would do is want access to data, to analyse for secrets without the owner knowing it is happening, or to make small corruptions to the data which renders it useless or misleading but which the owner does not realise until they go to use it. I suspect this is some Saudi or Israeli skiddie/hacktivist getting his lulz rather than the CIA, NSA, MI6, the Mossad, etc.
Perhaps, though this sort of harassment combined with other efforts might prove more effective than either technique on its own. Depends on the goal, after all. I would guess you are right, but there is the possibility that the information was extracted and this was done to obscure the act - a bit like setting a building on fire to hide a theft.