Comment Re:No way in hell (Score 1) 140

I hope that is the case. The fewer plug-ins, the better. Right now, if I wanted to watch a video on a web page, it may be in HTML5, it might be HTML+DRM, it may be in Quicktime, it might be in Silverlight, Java, RealAudio, or of course, Flash.

Even if we dispensed with all the plugins and the world magically ran on standards built in all browsers, there are always still security issues. Especially if they give any website it touches full access to hardware, which means it has the option of reflashing firmware or other nefarious tasks. All malware needs is a user context, or just the web browser's context (so it can use the browser for keylogging info in all windows.)

Browsers have to have more thought about security than even firewalls, because they have to deal thoroughly with untrusted, if not hostile code that can try to do anything (jam the CPU, spam dialogs.) The browser in itself really can't do it. It really needs help from the OS for separation, either via policies like SELinux or IE's Low context, or be placed in a sandbox or VM where all writes are virtualized safely away from the rest of the machine.

Comment Re:No way in hell (Score 3, Interesting) 140

Here is the big question: How do the plugins (Flash, Shockwave, Java, Acrobat, DRM video players) run? Are they running in the same context as the browser (like current IE), run in a separate process (like Firefox), or run in a more isolated VM where each tab and window is in its own memory space (Chrome)?

The Web browser is the first source of attack, and one of the primary means for malware to get on a system. Even with the low security context that IE had starting in Vista, that wasn't sufficient for isolation. It almost takes running the browser in a sandbox (sandboxie) or a complete VM (with its own filesystem) to protect a machine against browser weaknesses, just because a browser is always in constant contact with untrusted code.

I hope MS designs Edge with a lot more isolation (so a compromised add-on in one window can't attack another window or tab), because when designing a new browser is the only real time that they can do it right with security, as opposed to reactively fight fires, as with IE.

Comment Re: Our saving grace, perhaps? (Score 1) 36

There have been a few cases where I've ended up doing a V2P migration (which is extremely rare, but usually for something that, by policy, has to be on its own hardware, or that I create the VM and get the app in place and tested, then image it to a machine's bare metal for production use via WIM or another mechanism.) I'm sure these will leave the VMWare client files running, but not doing anything, similar to how a Hyper-V to VMWare migration leaves the Hyper-V files present.

In fact, if one turns on Hyper-V in Windows 8 and newer, it might register as a VM to malware, even though it essentially is just a single instance.

Ideally, depending on environment, I've found that separating the system from programs under Windows is tough. Reinstall the system, and most programs will need to be reinstalled due to Registry entries missing. Some programs can allow this (mainly MMOs, oddly enough -- WoW, Rift, EQ, and EQ2 can be split off and run on a Windows instance without reinstallation), but most won't. So, for Windows, keeping one's data separate is more of a focus than splitting the application from the OS.

OS X has a similar issue (mainly because /Applications can't really be moved to a separate partition [2], but I could be wrong.) However, it is easy to move /Users to another partition.

On other operating systems, system, application, and data separation makes sense. In AIX, this is something you are supposed to do, so you can have multiple rootvgs available [1]. On Linux, it is good as well, since you can split /opt off and reinstall without affecting applications.

[1]: In high security installs of AIX, no process has root. UID 0 can be configured to be just a schmuck user. To update these where no process has the ability to install software, the rootvg needs to be rebooted, another instance of AIX loaded that will do the OS updates to the secure one, then the machine (or LPAR) gets booted back to the secure OS root.

[2]: Wish Apple would bite the bullet and add ZFS into OS X as a root filesystem (and not via FUSE.) This way, it really doesn't matter where data is physically located, other than the code for booting.

Comment Re:BECAUSE IDIOTS PAY IT! (Score 1) 36

I read people saying the exact same thing about Macs, with statements that OS X is "100% secure". After recent events, I don't read much about that (although with the fact that most Mac programs are downloaded from a secure repo does help put the kibosh on Trojans.)

Linux isn't bulletproof. There are new programs that wind up even in enterprise distros that can wind up being avenues for remote attack. Plus, Firefox under Linux will behave the same if compromised just as Firefox under Windows does. I do agree the AdBlock/ghostery/noscript addons are the most important frontal defense, arguably more important than an AV program, but nothing is completely secure, not even on Linux.

This isn't to bash Linux... but it isn't invulnerable, especially if it started picking up traction on the desktop.

Comment Re: BECAUSE IDIOTS PAY IT! (Score 1) 36

This does exist, and is the UDF filesystem. This allows writing in packets and sessions, without affecting existing data on media. However, having a hard drive controller enforce this (to prevent a blkdiscard /dev/sda or a dd if=/dev/zero of=/dev/sda) would take some engineering.

Next to an appliance, the real answer to this might be good old fashioned tape. The newer LTO drives can use WORM media, can be hardware set read-only, and encryption can be set on the drive itself. However, tape has wound up being aimed at the enterprise. Maybe if some maker of the LTO consortium made a drive that could tolerate lower speeds and run at USB 2.0 as a low common denominator, this would improve the ability to have reliable backups.

Comment Re:You know it's not going to work (Score 1) 260

I just wonder where the point of pushback is. For example, one reason I see kigurumi becoming popular is because it allows people to interact with each other, except FB and other pictures only have the person's doll masks as photos. Yes, wearing masks and zentai suits can be made illegal, but it only ensures people will push back harder, especially here in the US where prohibition, and the War on Drugs have shown that making something illegal only makes it more popular... basically a long term Streisand effect.

I'm also noticing that physical gaming at stores is resurging, so people are trending away from stuff like WoW, and going back to Warhammer or just playing pencil and paper AD&D or Pathfinder. Having people not interested in doing every bit of communication electronically is a positive step.

Comment Re: Our saving grace, perhaps? (Score 1) 36

For now that is. Right now, malware writers are going for low hanging fruit, who don't even know what a VM is, or if they ran one on their desktop, would complain about performance (not knowing the VM disk images belong on a SSD, or at least their own spindles to not contend with the host desktop OS [1].)

Once VMs gain traction (say someone combines dedupe with COW and applications wind up with their instance of an OS with just the footprint of the application so VMs become as common as applications with their own separate stack/heap are now), it will be a different story. We will start seeing attacks on hypervisors start being attempted [2], but since hypervisors have historically been built from the ground up for security, this will help mitigate things. Of course, as stated elsewhere, the bad guys can always have their code pull chaff such as a fake malware instance to lead researchers on rabbit trails.

[1]: Desktop OS. This isn't as big an issue with ESXi, especially with compute nodes and big fat disk caches on the HBAs or CNAs.

[2]: Mixed bag. I'd like to see hypervisors get hardened, but if there is some sort of attack at the CPU level, that means malware in one VM has it made on the entire machine... and there would be no way to ever address that short of tossing the CPU or entire machine.

Comment Our saving grace, perhaps? (Score 2) 36

This may be our saving grace, something as simple as doing one's work in VMs, using the bare metal OS pretty much as a hypervisor and method to back up the VM images. With SSDs, this makes the job easier (because booting an OS isn't that I/O intensive, but you have multiple instances fighting for the drive head on conventional HDDs, which causes I/O slowdowns across the board.)

VMs are one of the few tools that can fight ransomware effectively. If the software doesn't play and deletes itself, no major loss. When hypervisors start getting "smarter" and are able to use heuristics to detect zero day infections that are hidden to the OS in a VM, this will raise the barrier significantly. Of course, the ability to roll back to a known, good snapshot in seconds completely negates ransomware's ability to destroy stuff, forcing the software to have to be inactive for a long period of time to hide its functioning.

Comment Re:BECAUSE IDIOTS PAY IT! (Score 1) 36

I'm reading this as basically creating a tar file of the machine and documents, throwing it to a remote machine's incoming directory, and that incoming machine moving the file to somewhere inaccessible to the client?

This is a way to do it, but might be better to just have the NAS or other appliance initiate the pull so the data can be better stored in snapshots.

Comment Re:Not a Federal priority (Score 2) 36

Now that's the rub. All it takes is for the trail to hit a country that is overtly hostile to the US, or just not willing to cooperate, and the trail goes cold. For example, if the perp who made malware tools was situated in Yemen, Brazil, or Venezuela, the local government would be giving the person accolades for doing such a thing.

As for Bitcoins, they are definitely traceable. However, efforts like tumblers and CoinJoin may be new and holes found, but they are getting better, and if combined with an exchange that would trade BTC for another currency, that would leave the trail cold. If worse comes to worst, there will be someone who makes a BitCoin 2.0 that has anonymity built in.

US law enforcement can't really fix this problem, just because it is almost invariable that any investigation will lead outside of the country's borders, forcing any police work to become an international effort, and other countries tend to really not care if a foreign citizen gets taken for a ride, as opposed to investigating domestic issues.

This is a problem that has to be fixed by technical means. Legal means will not really work here.

Comment Re:You know it's not going to work (Score 5, Interesting) 260

It also is going to backfire.

Take SSL/TLS. Are they going to demand both parties stash the session key, or do their handshaking through a proxy logging each packet? The first time some intruders nail that data store and find out a bunch of banking passwords, the cost of that breach will be incredible. If they alter the SSL/TLS algorithm, will it bring unexpected changes that destroy the algorithm's security, or will the code used not implement the changes in a secure fashion?

As for outlawing it, it -could- be done, but it would require far-reaching internal and external controls, with very sophisticated algorithms to detect unauthorized encryption, and pull that machine from the net. However, this is a cat and mouse game... and ultimately, the bad guys are just going to do like Daesh, and AQ before them... and go back to couriers, dead drops, and burner phones. Yes, it doesn't give as fast results as the Net, but it is a lot tougher to intercept. So, it can be done... but it is doubtful that even the British people would tolerate this much interference in their lives.

Comment Re:BECAUSE IDIOTS PAY IT! (Score 5, Informative) 36

Unfortunately, as it stands right now, even with rapid growth, ransomware is approaching its infancy. I'm not going to be surprised when the next CryptoWall releases go after Active Directory and enterprise-level resources, as opposed to local items and the network share or two.

Three reasons why this is:

1: There are no SOHO backup systems to defend against it. If you can get the user to not restore in 30 days with most cloud backups, their data is gone... and some cloud backups may just only keep the latest (useless) version. Plugging in a USB flash drive, backup drive, using a NAS, or using a Time Capsule works against disasters like HDD failure or accidental microwaving of a laptop... but all ransomware has to do is zero out the backup drive... or just punch random holes in stored files so they are worthless. A lot of newer machines don't have optical drives, much less decent backup software to get the user to back up to them.

If you want a real defense against ransomware, it takes an external backup server which pulls data, stores it where the client machine cannot access or destroy it, and can store images for weeks to possibly years (because as ransomware evolves [1], it will be running longer before it gets detected.) However, not many home users will buy a PC with some drives, slap Windows Server 2012 R2 Essentials on it (which replaces Windows Home Server), and use that to pull backups from their desktops. There are appliances that do this... if you want to pay $50,000 to Symantec for a NetBackup appliance, and have the rack space for it.

What is really needed is a standard, cross platform backup client that not just allows for files, but snapshots (so open files can be copied) and entire machines, so bare metal restores are easy to accomplish, be it a restore to a local drive, or via the network. For authentication, something similar to SSH. This way, a user can buy an appliance, log onto the console, set up backups (perhaps RSA key exchanges), set up schedules, and call it done. More features (encryption, deduplication) can be added... but the main thing is getting backups going in the first place.

2: The infection vectors are still there. For example, a malware writer might write code to take advantage of a compromised/buggy browser add-on, it goes through an ad server, and winds up nailing people visiting even mainstream sites.

Even ten years later, the Web browser is still the primary infection vector. Even with virtual machine and container technology, if an add-on gets nailed, there is a good chance it can seize the entire browser, and thus a user context. Even with just the context of a browser add-on, it likely can read and write to any documents the user has access to. Add a few more exploits, it can run unfettered as a user, or even get admin/root rights so it can reflash the firmware on drives, video cards, keyboards, and other items.

This can be limited by running the browser in a VM or sandbox, but most users won't be doing this, so it is only a matter of time before the next add-on has 0-days, and just visiting a site results in compromise.

3: Not as bad as drive-by compromises, but Trojans are still an issue. On Linux, BSD, and OS X, this is less of an item, since users are conditioned to use a repository. Windows still is wild and wooly when it comes to this, and even if one does visit the right download site, it might be that a mirror decided to pack some additional "functionality" into the installer, and re-sign that with their own Authenticode key, so it passes the signature check test.

The possible fix? MS having a store that allows for more than just Metro applications to be installed and updated, preferably with active, brutal curation. That way, if a user wants a copy of WinZip, they just fetch it from the store, rather than risk a compromised website, mirror, CDN, or app installer.

Ransomware is going to be with us a long time, just because it does well at going after the low hanging fruit, and with what is available (domain admin rights, for example), just encrypting files is just the initial salvo in this battle.

[1]: It is pretty much a fact that malware, as a whole, is absolutely the best code in terms of quality, robustness, and updates.
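The backup design sketched in point 1 above (a server that pulls from the client, keeps versioned snapshots the client can never reach, and retains them long enough to outlast a slow-burning infection), together with the snapshot rollback in "Our saving grace, perhaps?" and the NAS-initiated pull in the reply to "BECAUSE IDIOTS PAY IT!", is illustrated by the following added example. It is not code from the poster or from any product named in the thread. Assumptions it makes: a content-addressed blob store with JSON manifests as the snapshot format, deduplication by SHA-256, a count-based retention policy, and a simple heuristic (most files changed in one pull, and the new content near 8 bits/byte of entropy) to flag a pull that looks like ransomware output so that the last clean snapshot can be picked for restore. The ransomware itself is simulated by overwriting files with random bytes in a temporary directory.

```python
import hashlib
import json
import math
import os
import shutil
import tempfile
from collections import Counter
from pathlib import Path


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for ciphertext or random data, well below for documents."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


class PullBackupStore:
    """Backup server side. It only ever READS the client tree; the store directory is
    never exported to the client, so a compromised client cannot zero or corrupt
    earlier snapshots (assumed layout: blobs/<sha256> plus snapshots/<id>.json)."""

    def __init__(self, root, keep=30):
        self.root = Path(root)
        self.blobs = self.root / "blobs"
        self.snaps = self.root / "snapshots"
        self.blobs.mkdir(parents=True, exist_ok=True)
        self.snaps.mkdir(parents=True, exist_ok=True)
        self.keep = keep  # number of snapshots retained

    def _store_blob(self, data: bytes) -> str:
        digest = sha256(data)
        path = self.blobs / digest
        if not path.exists():          # dedupe: identical content is stored once
            path.write_bytes(data)
            path.chmod(0o444)          # blobs are never modified in place
        return digest

    def list_snapshots(self):
        return sorted(int(p.stem) for p in self.snaps.glob("*.json"))

    def manifest(self, snap_id: int) -> dict:
        return json.loads((self.snaps / f"{snap_id:06d}.json").read_text())

    def pull(self, client_dir) -> int:
        """Walk the client tree, store every file's content, write a manifest."""
        client_dir = Path(client_dir)
        manifest = {}
        for f in sorted(p for p in client_dir.rglob("*") if p.is_file()):
            data = f.read_bytes()
            manifest[str(f.relative_to(client_dir))] = {
                "sha256": self._store_blob(data),
                "entropy": round(shannon_entropy(data), 3),
            }
        existing = self.list_snapshots()
        snap_id = existing[-1] + 1 if existing else 1   # ids keep increasing after pruning
        (self.snaps / f"{snap_id:06d}.json").write_text(json.dumps(manifest, sort_keys=True))
        self._prune()
        return snap_id

    def _prune(self):
        ids = self.list_snapshots()
        for old in (ids[:-self.keep] if len(ids) > self.keep else []):
            (self.snaps / f"{old:06d}.json").unlink()
        live = {e["sha256"] for s in self.list_snapshots() for e in self.manifest(s).values()}
        for blob in self.blobs.iterdir():   # garbage-collect blobs no manifest references
            if blob.name not in live:
                blob.unlink()

    def looks_encrypted(self, snap_id: int, changed_ratio=0.5, entropy_floor=7.5) -> bool:
        """Heuristic (assumed thresholds): most files changed since the previous pull
        AND the new content is near-random => probably ransomware output."""
        ids = self.list_snapshots()
        if snap_id not in ids or ids.index(snap_id) == 0:
            return False
        prev, cur = self.manifest(ids[ids.index(snap_id) - 1]), self.manifest(snap_id)
        if not cur:
            return False
        changed = [p for p, e in cur.items() if prev.get(p, {}).get("sha256") != e["sha256"]]
        high = [p for p in changed if cur[p]["entropy"] >= entropy_floor]
        return len(changed) / len(cur) >= changed_ratio and len(high) >= 0.8 * len(changed)

    def last_clean_snapshot(self):
        for s in reversed(self.list_snapshots()):
            if not self.looks_encrypted(s):
                return s
        return None

    def restore(self, snap_id: int, dest) -> Path:
        dest = Path(dest)
        for rel, entry in self.manifest(snap_id).items():
            out = dest / rel
            out.parent.mkdir(parents=True, exist_ok=True)
            out.write_bytes((self.blobs / entry["sha256"]).read_bytes())
        return dest


def demo() -> dict:
    """Constructed scenario: two clean pulls, then 'ransomware' overwrites every document."""
    work = Path(tempfile.mkdtemp())
    client, store = work / "client", PullBackupStore(work / "store", keep=30)
    (client / "docs").mkdir(parents=True)
    (client / "docs" / "thesis.txt").write_bytes(b"chapter one " * 400)
    (client / "docs" / "notes.txt").write_bytes(b"todo: backups\n" * 300)
    store.pull(client)
    (client / "docs" / "notes.txt").write_bytes(b"todo: backups, done\n" * 300)
    store.pull(client)
    for f in client.rglob("*.txt"):          # simulated encryption: random bytes
        f.write_bytes(os.urandom(4096))
    store.pull(client)
    clean = store.last_clean_snapshot()
    restored = store.restore(clean, work / "restored")
    result = {
        "snapshots": store.list_snapshots(),
        "flagged": [s for s in store.list_snapshots() if store.looks_encrypted(s)],
        "clean": clean,
        "restored_thesis": (restored / "docs" / "thesis.txt").read_bytes(),
        "restored_notes": (restored / "docs" / "notes.txt").read_bytes(),
        "blob_count": len(list(store.blobs.iterdir())),
    }
    shutil.rmtree(work)
    return result


if __name__ == "__main__":
    r = demo()
    print("snapshots:", r["snapshots"], "flagged:", r["flagged"], "restoring from:", r["clean"])
```

The one-way direction is the whole point: the store never mounts, shares or pushes anything to the client, so the worst an infected client can do is feed the server garbage, which the entropy check then refuses to treat as the latest good copy. In a real deployment the pull would run over SSH with a read-only key on the client, and the retention window would be weeks or months rather than a handful of snapshots.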

Comment Re:Industrial accidents happen (Score 1) 342

With how many robots are in use, it was just a matter of time before some freak accident would happen. Even if one set of chances is one in a million that something would be overridden at the right time, coupled with the one in a million chance of being in the wrong place, eventually someone is going to roll all "1s".

This is what insurance is for.

Were it not a robot, this would be dismissed as another accident at work, the worker (or next of kin) recompensed, and life would move on.

Comment Re:Shoeboxes (Score 1) 121

What I don't get is why FB doesn't just use tape. Tape drives are expensive, but the media itself is cheap -- LTO-4 cartridges are $15 apiece, and tape is a true archival grade media.

Plus, with tape, you copy it to that, yank the tapes out of the autochanger, and toss them in an unused corner of a room. Tapes take 0 watts in storage (other than what it takes for HVAC), so other than physical access concerns, they are easily stashed and will remain usable for quite a long time.

If any industry needs a kick in the pants with regards to capacity improvements, it is the tape media industry. A tape has far more area to put data on than a HDD platter, so there is a lot of room to add capacity, as well as reduce price with cartridges and drives, especially if mass produced so economies of scale kick in. Back in the 1990s, almost any business had some form of tape drive, which worked fairly decently for backups (although 4mm/8mm drives are nowhere near as reliable as a LTO drive.)

No, tape isn't trendy... but it functions well, and with WORM media or hardware write protection, it is resistant to malware. With hardware encryption in newer revs (LTO-4 and newer), it is trivial to just set a password and call it done when it comes to that security... that way, if a tape falls off the Iron Maiden truck, it is just a hardware loss... no worry about compromised data.

Comment Re:Meh (Score 1) 75

I've found that EQ1 is still pretty good... but you have two choices:

Play on a timelocked server, where there is relatively not that much content... but it winds up grindy.

Play on a regular server and get your levels and AAs so you can group/raid.

Timelocked servers have nostalgia value... but it might be too slow and quirky for someone new, and one can wind up hitting a dead-end (can't really solo, no groups), especially when the newness wears off.

There are also plenty of other MMOs still around. DAoC is still twitching, DDO, Neverwinter, and LOTRO are still going. Rift is still an alternate to WoW (except minus the mini-game of garrisons [1])

IMHO, what kills MMOs for me are the cash shops. Daybreak does it right -- you can buy gewgaws, pets, mounts, and bags... but other than XP potions, there isn't anything that can affect game play. Rift, on the other hand, I wound up pulling my sub for good (I used to subscribe yearly) because people just hit the shop, and buy a set of raid-tier armor. Rift was great in customization, but the fact that you can toss cash and wind up with all the endgame stuff has put the game into the same category as the junk (IMHO) F2P/P2W "MMOs" found on Android and iOS.

[1]: Oddly enough, the garrison mini-game is one of the nice things about WoW. Cycle missions on alts in the morning, cycle missions later on, and they wind up at a point where they can still run the circus of LFRs, if not normals.
