From owner-freebsd-questions@freebsd.org Sat Nov 21 04:57:19 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9DB0DA32CA4 for ; Sat, 21 Nov 2015 04:57:19 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de (mx01.qsc.de [213.148.129.14]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 602321395 for ; Sat, 21 Nov 2015 04:57:18 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de (port-92-195-76-245.dynamic.qsc.de [92.195.76.245]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id 620673CD54; Sat, 21 Nov 2015 05:57:08 +0100 (CET) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id tAL4v7EW002270; Sat, 21 Nov 2015 05:57:08 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Sat, 21 Nov 2015 05:57:07 +0100 From: Polytropon To: "Garance A Drosehn" Cc: "FreeBSD -" Subject: Re: ransomware virus on Linux Message-Id: <20151121055707.aa54f280.freebsd@edvax.de> In-Reply-To: <65FDDF03-930D-4D92-A961-7C7C9ECB2579@rpi.edu> References: <20151119064434.GB1925@c720-r276659.oa.oclc.org> <86y4dtiqc3.fsf@WorkBox.Home> <20151120002132.7a4e3a82@gumby.homeunix.com> <2021B94D-F9CA-4346-BDA5-A3A460C6BA3B@mac.com> <65FDDF03-930D-4D92-A961-7C7C9ECB2579@rpi.edu> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Nov 2015 04:57:19 -0000 On Fri, 20 Nov 2015 10:57:37 -0500, Garance A Drosehn wrote: > On 19 Nov 2015, Charles Swiger wrote: > > > On Nov 19, 2015, at 4:21 PM, RW via freebsd-questions > > wrote: > >> What worries me is that the next version might target Linux > >> workstations > >> where there's a lot of very complex software running as the owner of > >> the user data. > > > > Ransomware which encrypts your stuff isn't a major problem if you have > > a current backup. > > > > So, verify that your backups work. > > Which really means: Verify that your *restores* work! :) That's already in the definition: A backup which you cannot restore is not a backup - it's garbage. :-) > (Certainly I've seen cases where someone was running backups > regularly & automatically, and everything looked fine. But when > they finally needed to restore something, they found out that those > backups were not really working, or were working but not backing up > as much as the user thought they were backing up) True, I've seen that too. Untested backups with "experts" relying on them (and other "experts"' assurance that everything would work if needed). The worst thing _I_ have actually seen in reality was (many years ago) a customer who's "professional consultant" had messed up the backup process so nothing was written to the tapes, and nobody had checked the logs, so the customer ended up with a box of blank tapes; the box was labeled "BACKUP". You can imagine how "satistied" the customer was with his expensive "service" when the worst case happened, disks crashed, and he would just have to restore yesterday's backup... :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...