The new computer scam



Scott Shepherd
03-03-2015, 1:32 PM
Had a friend tell me about his sister getting hit by this. She went to use her computer, it said that it had been locked out. In order to unlock it, they would need to send $500 in Bitcoin payment to them. She called around, trying to find some help, called the police, the police told her to call the FBI, she called the FBI and the FBI said "Pay it, it's nothing we can do and it's the only way you'll get access back, have a nice day".

She didn't know what a Bitcoin was, got with someone that helped her with that, she paid the people $500 in Bitcoin, they gave her access back to her.

It's untraceable, and real money has changed hands.

It was interesting he was telling me that, as I had read about it on some tech site not too long ago.

Just something to be aware of out there. It's not fake, it's very real.

Even the police department paid up!
http://www.chicagotribune.com/news/local/breaking/ct-midlothian-hacker-ransom-met-20150220-story.html

Bruce Page
03-03-2015, 1:54 PM
I saw a story on this a couple of weeks ago on NBC Nightly news. The options were pay the extortion fee or buy a new computer.

Wade Lippman
03-03-2015, 1:56 PM
Nothing new about this. Your friend got really lucky; they usually just ignore you when you pay them. But they are likely to do it again next week, so maybe not so lucky.
Don't open emails that look the least bit odd, don't go to odd websites, and back up your computer daily.

Scott Shepherd
03-03-2015, 2:00 PM
Nothing new about this.

I think the new part to me is that they are basically taking over your computer and encrypting all the files or access to the files. So the files are there, just encrypted. You pay them to get the key to unlock the encryption and it appears to actually be people there that will unlock it, not just some scammer that takes your cash and leaves you with the worthless computer.

Steve Baumgartner
03-03-2015, 2:14 PM
This scam started a couple of years ago. Search about cryptolocker. By now there are no doubt imitators.

Lee Schierer
03-03-2015, 2:39 PM
I just read about this cryptolocker thing.

I wouldn't pay them.

First, there is no guarantee they will unlock your files.

Second, there is no guarantee they won't hit you again.

Third, everyone that does pay them encourages them to hit someone else.

Izzy Camire
03-03-2015, 2:40 PM
Just take it somewhere and have them format the drive and lay the operating system back down. Costs a lot less than $500.

Pat Barry
03-03-2015, 2:50 PM
...called the police, the police told her to call the FBI, she called the FBI and the FBI said "Pay it, it's nothing we can do and it's the only way you'll get access back, have a nice day".

Even the police department paid up!

Really doubt that this is true, FBI saying have a nice day that is. The fact they can't / won't do anything is incomprehensible

Scott Shepherd
03-03-2015, 3:22 PM
Really doubt that this is true, FBI saying have a nice day that is. The fact they can't / won't do anything is incomprehensible

Pat, that comment wasn't meant literally, but just that they said there wasn't anything they would do and it was up to her to figure it out because they weren't going to do anything. It's a figure of speech around here, and that's just how the story was told to me. I'm sure they didn't end the call with "have a nice day", but they did tell her they wouldn't do anything about it.

Jerome Stanek
03-03-2015, 4:02 PM
They give step by step instructions on how to remove the software. You may be able to copy your files via a Linux CD also. There is no real reason to pay for this.

glenn bradley
03-03-2015, 4:28 PM
Just take it somewhere and have them format the drive and lay the operating system back down. Costs a lot less than $500.

This is the right answer more or less. Just pull out those recovery discs you made when you first setup your system, restore your system, re-install any additional applications you added and restore your files from your latest backup. If my machine were compromised today I would only lose 3 days of work.

I realize many, many people are just barely users of computers but, anyone responsible enough to balance a checking account can perform a regular backup. Backups are easy today. The excuses of the past are just that, excuses. When you're done with Facebook or World of Warcraft for the night, fire off a backup before you get up to walk away; it's that simple.

Just so you don't think I'm just preaching here, I too fail to do backups now and again. It is almost without fail that during any extended period between backups is when something will go wrong. Murphy has definitely kept pace with the information age :D

Wade Lippman
03-03-2015, 4:36 PM
Just pull out those recovery discs you made when you first setup your system, restore your system, re-install any additional applications you added and restore your files from your latest backup. If my machine were compromised today I would only lose 3 days of work.

No reason to lose 3 days of work. There are several free programs that will back you up to the cloud. I've never needed to do a restore, but I have recovered files I deleted on my computer months ago. (I made a hotel reservation and canceled it. After getting the cancelation confirmation I deleted everything. 4 months later the hotel charged me because I didn't show up. Would have had to pay if I hadn't been able to recover the confirmation.)

Chuck Wintle
03-03-2015, 4:36 PM
I just read about this cryptolocker thing.

I wouldn't pay them.

First, there is no guarantee they will unlock your files.

Second, there is no guarantee they won't hit you again.

Third, everyone that does pay them encourages them to hit someone else.
How do they hit you with this encryption scheme? An email attachment?

Dan Hintz
03-03-2015, 4:40 PM
Really doubt that this is true, FBI saying have a nice day that is. The fact they can't / won't do anything is incomprehensible
They can't do anything for two reasons: 1) It's a personal system, and 2) It's 256-bit crypto*.

They give step by step instructions on how to remove the software. You may be able to copy your files via a Linux CD also. There is no real reason to pay for this.
Once encrypted, there's nothing you can do about it without the key*.

* I starred both responses because there's a caveat. When this ransomware first hit the streets, it was a true 256-bit crypto key. Brute force will not get you an unencrypted drive within your lifetime with a 256-bit key. However, some copycats decided they wanted in on the action... the problem was they didn't understand crypto, and their implementation of the algorithm was poor. This poor implementation effectively hobbled the key (offhand I don't recall how many bits worth it dropped), leading to a brute force attack on a much smaller key length being feasible. Software is now available to guess the key on the hobbled version and get your data back.

Nutshell... if you are unlucky enough to get the real version, you have two choices: 1) Pay the ransom and hope they send you the key, or 2) reformat. There are NO other options.

Chuck Wintle
03-03-2015, 4:40 PM
Had a friend tell me about his sister getting hit by this. She went to use her computer, it said that it had been locked out. In order to unlock it, they would need to send $500 in Bitcoin payment to them. She called around, trying to find some help, called the police, the police told her to call the FBI, she called the FBI and the FBI said "Pay it, it's nothing we can do and it's the only way you'll get access back, have a nice day".

She didn't know what a Bitcoin was, got with someone that helped her with that, she paid the people $500 in Bitcoin, they gave her access back to her.

It's untraceable, and real money has changed hands.

It was interesting he was telling me that, as I had read about it on some tech site not too long ago.

Just something to be aware of out there. It's not fake, it's very real.

Even the police department paid up!
http://www.chicagotribune.com/news/local/breaking/ct-midlothian-hacker-ransom-met-20150220-story.html
It stinks these people can rip you off because of this encryption scheme.

Wade Lippman
03-03-2015, 5:03 PM
It stinks these people can rip you off because of this encryption scheme.

No, what stinks is how they can get away with it because of bitcoin. The only purpose of bitcoin is to facilitate illegal transactions. Why on earth is it legal?!

Ole Anderson
03-03-2015, 10:51 PM
I have had to do this several times with ransomware: Force a shut down as soon as you see the dreaded FBI message (pull your battery if you have to), then start in safe mode (F6?), then do a restore to a previously known good date. Quite simple. Didn't lose anything.

Sean Troy
03-03-2015, 11:17 PM
I have had to do this several times with ransomware: Force a shut down as soon as you see the dreaded FBI message (pull your battery if you have to), then start in safe mode (F6?), then do a restore to a previously known good date. Quite simple. Didn't lose anything.
I think you tap F8 as your system is restarting.

Dan Hintz
03-04-2015, 6:19 AM
I have had to do this several times with ransomware: Force a shut down as soon as you see the dreaded FBI message (pull your battery if you have to), then start in safe mode (F6?), then do a restore to a previously known good date. Quite simple. Didn't lose anything.

It wasn't Cryptolocker (or many of its variants), then... your drive is encrypted before you get the screen of death.

Chuck Wintle
03-04-2015, 7:31 AM
I have had to do this several times with ransomware: Force a shut down as soon as you see the dreaded FBI message (pull your battery if you have to), then start in safe mode (F6?), then do a restore to a previously known good date. Quite simple. Didn't lose anything.

Why would you need to pull the battery?

Pat Barry
03-04-2015, 8:16 AM
They can't do anything for two reasons: 1) It's a personal system, ...
Here I was thinking all along that blackmail was illegal and that our fine law enforcement organizations were there to go after these crooks. I understand they probably can't help the individuals affected. I think they should have said something like "the FBI always gets its man"

Ole Anderson
03-04-2015, 8:32 AM
Why would you need to pull the battery?
The ransomware locks the computer so badly that you can't even pull up Task Manager (control+alt+delete) to stop the program from running (doing bad things?) nor can you stop it by hitting your off button, or with a laptop, pulling the cord out of the wall if you are plugged in. So if you ever get that ransom screen, stop the computer immediately, don't even try to just stop the program from running as the first thing it does is lock you out. Maybe they were different programs or I was able to stop them before the dreaded encryption (which I imagine takes time). But the program, pretending to be the FBI, accuses you of illegal acts, (piracy or child porn and so on) and demands that you send them money as a "fine" in order to unlock your computer. Happened three times to me on various sites, which I don't even remember which ones. Not saying there are worse programs than the ones I ran into, just that I found an easy way to sidestep the ones I ran into when they occurred.

Curt Harms
03-04-2015, 9:56 AM
It wasn't Cryptolocker (or many of its variants), then... your drive is encrypted before you get the screen of death.

Dan, didn't some security Cos. (perhaps Kaspersky?) figure out a way to reverse engineer the keys or something so as to be able to unlock the encrypted drives without having to pay? Of course the malware could have evolved. What I took from what I read is that Cryptolocker uses Microsoft's encryption engine found in all Windows versions to encrypt the disk. No Windows, no Cryptolocker. I could download the malware but it wouldn't do anything.

Dan Hintz
03-04-2015, 11:35 AM
Dan, didn't some security Cos. (perhaps Kaspersky?) figure out a way to reverse engineer the keys or something so as to be able to unlock the encrypted drives without having to pay? Of course the malware could have evolved. What I took from what I read is that Cryptolocker uses Microsoft's encryption engine found in all Windows versions to encrypt the disk. No Windows, no Cryptolocker. I could download the malware but it wouldn't do anything.

This was what I mentioned earlier, but it was due to a poor implementation of the algorithm, which meant the key length was not nearly as long (effectively) as it was programmed to be. The home user has zero chance of decrypting a 256-bit key.

Lee Schierer
03-04-2015, 12:04 PM
I had another thought. If you copied your entire hard drive onto another drive not connected to the computer except when you are updating the back up, this scam would pretty much fail as you should be able to boot to a CD and format the hard drive, then return your copy to the original hard drive.

Of course you could also avoid questionable sites and avoid opening emails with attachments.

Jim Becker
03-04-2015, 3:30 PM
Not a new scam at all...it's been around for some time now and called "ransomware". Keep backups off the computer and instead of paying...blow away the computer and rebuild.

Myk Rian
03-04-2015, 5:39 PM
Keep backups off the computer and instead of paying...blow away the computer and rebuild.
Exactly what I would do. For $500 you can build a nice machine.

Wade Lippman
03-04-2015, 8:44 PM
I had another thought. If you copied your entire hard drive onto another drive not connected to the computer except when you are updating the back up, this scam would pretty much fail as you should be able to boot to a CD and format the hard drive, then return your copy to the original hard drive.


The not connected to the computer is a problem. I do backups at 6pm to an external drive. Is there anyway to make the drive not available to the system except between 6pm and 6:30? That would give me a 98% chance of surviving intact. (I also do a cloud backup, so I won't lose any data, but the external drive is an image, so I would only have to format and restore to just keep going.)

Lee Schierer
03-04-2015, 11:28 PM
The not connected to the computer is a problem. I do backups at 6pm to an external drive. Is there anyway to make the drive not available to the system except between 6pm and 6:30? That would give me a 98% chance of surviving intact. (I also do a cloud backup, so I won't lose any data, but the external drive is an image, so I would only have to format and restore to just keep going.)
Put the external drive's power supply on a timer that kills the power. Without power it can't be accessed. Set the timer just a bit longer than it takes to do your backup.
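A software version of the 6pm-to-6:30 window Wade asks about, as an added example that is not from the thread: a scheduled task brings the backup disk online, runs the backup and takes the disk offline again. It assumes Windows 8.1 or later (Get-Disk/Set-Disk and the ScheduledTasks module), a disk with the friendly name 'Backup USB' and a placeholder backup command; all three are assumptions to adjust.

```powershell
# Added example (not from the thread). Keeps the external backup disk offline
# except while the nightly backup runs. Run once, elevated, to register the task;
# the task then calls this same script with the argument "run" every evening.
#Requires -RunAsAdministrator

$BackupDiskName = 'Backup USB'              # assumption: see Get-Disk | Format-Table Number, FriendlyName
$BackupCommand  = 'C:\Tools\run-backup.cmd'  # placeholder for whatever backup program you use
$TaskName       = 'NightlyBackupWindow'

function Set-BackupDiskOffline([bool]$Offline) {
    $disk = Get-Disk | Where-Object FriendlyName -eq $BackupDiskName
    if (-not $disk) { throw "Backup disk '$BackupDiskName' not found" }
    # An offline disk has no volumes or drive letters, so nothing running as a
    # normal user can read or write it; only an administrator can bring it back.
    Set-Disk -Number $disk.Number -IsOffline $Offline
    if (-not $Offline) { Set-Disk -Number $disk.Number -IsReadOnly $false }
}

# Scheduled run: online -> backup -> offline, even if the backup itself fails.
if ($args.Count -gt 0 -and $args[0] -eq 'run') {
    Set-BackupDiskOffline $false
    try     { & $BackupCommand }
    finally { Set-BackupDiskOffline $true }
    exit
}

# Registration: daily at 18:00, runs as SYSTEM with highest privileges,
# hard stop after 30 minutes so the disk never stays online overnight.
$script    = $MyInvocation.MyCommand.Path
$action    = New-ScheduledTaskAction -Execute 'powershell.exe' `
             -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$script`" run"
$trigger   = New-ScheduledTaskTrigger -Daily -At '18:00'
$settings  = New-ScheduledTaskSettingsSet -ExecutionTimeLimit (New-TimeSpan -Minutes 30)
$principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest
Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $trigger `
    -Settings $settings -Principal $principal -Force | Out-Null

# Take the disk offline right away so it stays hidden until the first run.
Set-BackupDiskOffline $true
Write-Host "Task '$TaskName' registered; '$BackupDiskName' is now offline outside the backup window."
```

An offline disk is out of reach of anything running as a standard user, but a process that already has administrator rights can simply set it online again; Lee's power timer removes even that possibility, which is why the physical cut-off is the stronger of the two.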

Brian Ashton
03-05-2015, 3:26 AM
Nothing new about this. Your friend got really lucky; they usually just ignore you when you pay them. But they are likely to do it again next week, so maybe not so lucky.
Don't open emails that look the least bit odd, don't go to odd websites, and back up your computer daily.

It falls so short to say that. You can go to the most innocent website and by the time your antivirus arcs up it's too late. Have a comprehensive backup of the data you can't afford to lose - nothing less. They can burn your computer but if you have a back up you are good to go... If you don't know how to do that then start learning how now. It's as simple as typing in "best backup for my mac, pc" and spending a couple hours reading, and then acting.

Duane Meadows
03-05-2015, 8:59 AM
Suggestions...

1. Don't set up automatic backup... backing up the encrypted files won't help much!

2. Run your hard drive encrypted all the time! With modern PCs, the overhead isn't that bad.

3. Replacement hard drives are cheap. Usually no need to replace whole computer.

4. If backing up to an external drive, disconnect when not actually in use. Don't use the backup drive for anything else.

5. Run Linux for web-surfing/email and anything for which windows/OSX isn't absolutely mandatory.

6. Don't open unsolicited email, or email from an unknown source.

7. If you must run Windows... Don't run Internet Explorer!

8. DON'T pay crooks!!!!

9. Get rid of XP or older operating systems!

Phil Thien
03-05-2015, 10:22 AM
I see lots of ads for 32 and 64-GB USB 3.0 class flash drives that are deeply discounted. I think I just saw 32-GB versions for about $15 or $20 (I think at Best Buy).

Most people don't have anywhere near that much data. So having a couple of them with copies of your important stuff would be easy and cheap.

Easy to keep off-site, too, in the detached garage or a relative's house. Onsite backups are great but if disaster (fire, for example), they aren't much help.

Jerome Stanek
03-05-2015, 12:46 PM
I see lots of ads for 32 and 64-GB USB 3.0 class flash drives that are deeply discounted. I think I just saw 32-GB versions for about $15 or $20 (I think at Best Buy).

Most people don't have anywhere near that much data. So having a couple of them with copies of your important stuff would be easy and cheap.

Easy to keep off-site, too, in the detached garage or a relative's house. Onsite backups are great but if disaster (fire, for example), they aren't much help.

Throw them in a fire proof box.

Wade Lippman
03-05-2015, 1:25 PM
2. Run your hard drive encrypted all the time! With modern PCs, the overhead isn't that bad.

What software will do that?
How does it help with ransomware? Can't they encrypt it again?
Does it interfere with backups? Several times I have needed a deleted file and found it on a 2 month old backup. Will that still work?

Phil Thien
03-05-2015, 2:18 PM
What software will do that?
How does it help with ransomware? Can't they encrypt it again?
Does it interfere with backups? Several times I have needed a deleted file and found it on a 2 month old backup. Will that still work?

Wade, you're correct, encrypting volumes, folders, or files, won't prevent the crypto-locker from doing so again.

If you're running the Windows backup applet on something like Windows 7, I'd suggest creating an additional user account on your PC called "Admin," with full administrator rights. Assign a unique password to that account. Now demote all the other accounts so they don't have administrator rights.

Now, if you infect your machine while logged in as one of the demoted users, malware won't be able to access the backup volume data. And an infection that occurs under the user "Phil" (for example) won't be able to attack other demoted users, like "Karen."

The only exception is, if UAC (User Account Control) pops up asking for elevated privileges and you type in the password for "Admin." In that case, the malware will have access to pretty much everything on your PC and backup drive.
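The account split Phil describes, as an added example script that is not from the thread: it creates a dedicated "Admin" account, removes every other local user from the Administrators group and lists what is left. It assumes Windows 10 or later (the Microsoft.PowerShell.LocalAccounts cmdlets, which the Windows 7 era PowerShell lacks), the account name Admin, and that it is run from an elevated PowerShell session.

```powershell
# Added example (not from the thread): one dedicated admin account, everyone
# else a standard user, so a drive-by infection under a day-to-day account
# cannot reach admin-only locations such as the backup volume.
# Assumes Windows 10+ (Microsoft.PowerShell.LocalAccounts); run elevated.
#Requires -RunAsAdministrator

$AdminName = 'Admin'                 # assumption: name of the dedicated elevated account
$computer  = $env:COMPUTERNAME

# 1. Create the dedicated admin account if it is not there yet. The password is
#    read interactively so it never appears in the script or the shell history.
if (-not (Get-LocalUser -Name $AdminName -ErrorAction SilentlyContinue)) {
    $pw = Read-Host -Prompt "Password for $AdminName" -AsSecureString
    New-LocalUser -Name $AdminName -Password $pw -PasswordNeverExpires `
        -Description 'Used only for UAC prompts and backups' | Out-Null
    Add-LocalGroupMember -Group 'Administrators' -Member $AdminName
    Write-Host "Created $AdminName and added it to Administrators"
}

# 2. Demote every other *local* user in Administrators. Domain/Microsoft-account
#    members (no COMPUTER\ prefix) and the built-in Administrator are left alone;
#    the built-in account is disabled by default on client Windows.
$prefix  = [regex]::Escape("$computer\")
$members = Get-LocalGroupMember -Group 'Administrators' |
    Where-Object { $_.ObjectClass -eq 'User' -and $_.Name -match "^$prefix" }

foreach ($m in $members) {
    $name = $m.Name -replace "^$prefix", ''
    if ($name -in @($AdminName, 'Administrator')) { continue }

    Write-Host "Demoting $name to a standard user"
    Remove-LocalGroupMember -Group 'Administrators' -Member $m.Name
    # Make sure the account can still log on as an ordinary user afterwards.
    if (-not (Get-LocalGroupMember -Group 'Users' -Member $m.Name -ErrorAction SilentlyContinue)) {
        Add-LocalGroupMember -Group 'Users' -Member $m.Name
    }
}

# 3. Check: the only local users left with admin rights should be Admin
#    (plus the disabled built-in Administrator).
Write-Host "Remaining members of Administrators:"
Get-LocalGroupMember -Group 'Administrators' |
    Select-Object Name, ObjectClass, PrincipalSource | Format-Table -AutoSize
```

Log out and confirm the Admin password works before demoting the account you are currently logged in with, and check that the backup folder's permissions actually deny standard users write access; the split only protects the backup volume when they do.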

Dan Hintz
03-05-2015, 9:24 PM
Now, if you infect your machine while logged in as one of the demoted users, malware won't be able to access the backup volume data. And an infection that occurs under the user "Phil" (for example) won't be able to attack other demoted users, like "Karen."

The only exception is, if UAC (User Account Control) pops up asking for elevated privileges and you type in the password for "Admin." In that case, the malware will have access to pretty much everything on your PC and backup drive.

That helps, but it is in no way foolproof (particularly for Windows).

Phil Thien
03-05-2015, 10:41 PM
That helps, but it is in no way foolproof (particularly for Windows).

The modern operating system is the most complex thing ever conceived of by man. Nothing is foolproof where any of them are concerned.

New security vulnerabilities that provide access to malicious code (often with system or administrator rights) are discovered on a fairly regular basis. Inexcusable seeing as there are so many excellent development tools that will identify most of them.

But the vast majority of home users are nailed because they are running with administrator rights. No security hole is necessary when you leave the front door wide open.

Curt Harms
03-06-2015, 8:24 AM
I see lots of ads for 32 and 64-GB USB 3.0 class flash drives that are deeply discounted. I think I just saw 32-GB versions for about $15 or $20 (I think at Best Buy).

Most people don't have anywhere near that much data. So having a couple of them with copies of your important stuff would be easy and cheap.

Easy to keep off-site, too, in the detached garage or a relative's house. Onsite backups are great but if disaster (fire, for example), they aren't much help.

Winnah!! I think flash drives are available up to 256 GB these days and with USB3 interfaces should be fairly speedy. Except for videos or a lot of hi-res photos, even 32 GB of emails, docs and spreadsheets seems like quite a bit of data for an individual or small biz.

Ole Anderson
03-06-2015, 12:13 PM
After my last episode I created another user account that is non-administrator that is now my default login. So now any changes require a password.

Andrew Pitonyak
03-06-2015, 2:58 PM
No, what stinks is how they can get away with it because of bitcoin. The only purpose of bitcoin is to facilitate illegal transactions. Why on earth is it legal?!

Some guys on NPR were saying exactly the same thing about cash.

Never occurred to me that the intent was to support illegal transactions when it was created. I have heard reasons stated for wanting to use bitcoins, and supporting crime was never one of them. The fact that you can use it kind of like cash is certainly one of the reasons that certain criminals may want to use it. On the other hand, there are ways that a bitcoin may be identified later after it is spent in a way that is even more traceable than cash (according to Forbes), so if they do it long enough, and if officials take interest in them, their choice of payment options may make them more likely to be caught down the road.

Scott Shepherd
03-06-2015, 3:08 PM
On the other hand, there are ways that a bitcoin may be identified later after it is spent in a way that is even more traceable than cash (according to Forbes), so if they do it long enough, and if officials take interest in them, their choice of payment options may make them more likely to be caught down the road.

I hadn't heard that, I'll have to look into that. It was my understanding that doing bitcoin transaction behind TOR is about as untraceable as you can get these days. Not that you can't be found, but it certainly makes things VERY difficult for the average law enforcement people.

Bitcoin is basically a monetary system (even though they say it isn't money) without the banks in the middle of it all. That's part of the reason it's doing well. It's just peer to peer transactions and no one else has their nose in your transactions.

Wade Lippman
03-06-2015, 4:23 PM
Some guys on NPR were saying exactly the same thing about cash.

Never occurred to me that the intent was to support illegal transactions when it was created. I have heard reasons stated for wanting to use bitcoins, and supporting crime was never one of them. The fact that you can use it kind of like cash is certainly one of the reasons that certain criminals may want to use it. On the other hand, there are ways that a bitcoin may be identified later after it is spent in a way that is even more traceable than cash (according to Forbes), so if they do it long enough, and if officials take interest in them, their choice of payment options may make them more likely to be caught down the road.

No, that is the whole point of it; it is definitively anonymous. I am sure some people are paranoid that if the government sees you buying ammunition with a CC that black helicopters will come down to take you to a camp, but the only sane purpose is to allow criminals to get payments without any chance of getting caught.

Curt Harms
03-07-2015, 8:34 AM
No, that is the whole point of it; it is definitively anonymous. I am sure some people are paranoid that if the government sees you buying ammunition with a CC that black helicopters will come down to take you to a camp, but the only sane purpose is to allow criminals to get payments without any chance of getting caught.

Someone living under an authoritarian government might beg to differ. Remember, bitcoins and their like are not used only in the U.S. Of course to that authoritarian government, Falun Gong, Tiananmen Square protesters and the like were viewed as criminals.

Wade Lippman
03-07-2015, 10:39 AM
I am sure they ARE illegal and effectively blocked in China. So how does letting extortionists use them here help anyone?

Scott Shepherd
03-07-2015, 11:36 AM
I'm sure it makes hiding money easier, but in reality, bitcoin is being used for a lot of legitimate transactions. Amazon, Target, CVS, Microsoft, Dell, etc. all take bitcoins and I don't think they are all fostering illegal transactions.

Ole Anderson
03-07-2015, 12:14 PM
It wasn't Cryptolocker (or many of its variants), then... your drive is encrypted before you get the screen of death.
Has anyone posting here actually had an experience with ransomware other than me? Wondering if the encryption of all of your files actually happens or is just an empty scary threat? I would think encryption of your files would take a long time and would drag your computer to its knees, giving you a clue that something is wrong. I don't believe any of my 3 or 4 experiences with the FBI screen (not always the same one) has anything to do with encryption. What it does is that it locks you out from stopping the program from running. You know something is drastically wrong and you panic trying all you can do to get it to stop until you realize the only way to do it is to pull the power plug and restart in safe mode and do a restore to a previous state. Or if you don't know much about computers, pay the $500 or buy a new computer or hard drive.

Dan Hintz
03-07-2015, 12:52 PM
On the other hand, there are ways that a bitcoin may be identified later after it is spent in a way that is even more traceable than cash (according to Forbes), so if they do it long enough, and if officials take interest in them, their choice of payment options may make them more likely to be caught down the road.

This statement isn't correct, at least as written. A single bitcoin cannot be identified, but in aggregate, the traffic for a number of bitcoins can be traced to a source/destination, if (and that's a big "if") certain conditions are met. One of those conditions is needing control of one or more entry/exit nodes for the P2P network. This will require a large amount of coin traffic, and it will never be 100% accurate (but it will get you close enough for a judge to say it's acceptable for a warrant). The average user will not get snagged, but the clearing house will.

Scott Shepherd
03-07-2015, 1:17 PM
Ole, I think we're talking about two different things. The FBI warning message is malware that's been around for at least 5 years now. I've seen that thing on a number of people's computers that have called me for help. It's also fairly easy to remove.

The one in the article I posted, doesn't give you an FBI warning, and it apparently does encrypt files, otherwise the police department's IT people wouldn't have had an issue in solving it. The police department actually paid the ransom and it was released.

Of course that brings to mind many, many questions about how they run the computer network at that police department, but that's another story :)

Wade Lippman
03-07-2015, 1:23 PM
I'm sure it makes hiding money easier, but in reality, bitcoin is being used for a lot of legitimate transactions. Amazon, Target, CVS, Microsoft, Dell, etc. all take bitcoins and I don't think they are all fostering illegal transactions.
They take them but that doesn't mean there is any benefit to it. If the only benefit is to criminals, then why is it allowed?
For legitimate purposes CC or cash work just as well, but bitcoins are a huge benefit to crime.

I know, I know; the constitution allows it, so the government shouldn't stop it. After all, the bad things happen to those other people we don't care about.

Scott Shepherd
03-07-2015, 2:14 PM
They take them but that doesn't mean there is any benefit to it. If the only benefit is to criminals, then why is it allowed?
For legitimate purposes CC or cash work just as well, but bitcoins are a huge benefit to crime.

The majority of illegal businesses are done with cash. So how's bitcoin any different than cash in that respect? Constitution? Bitcoin? I didn't see that one coming.

Barry McFadden
03-07-2015, 2:52 PM
I have a system that I always follow that would be handy in this situation as well as times when a virus causes problems or a hard drive crashes. I went out and bought the identical hard drive that is in my pc..(just happens to be a Seagate)..then I used Seagate Discwizard to make a complete drive copy and make it bootable. I keep the spare drive on the shelf and about every month I put it in the pc and make a complete drive copy over to it again. I then take it out and put it back on the shelf. If I ever have a situation such as is being talked about here or any other hard drive issue I can just take my spare drive off the shelf and install it in my pc and I'm back up and running again...possibly in the past month since it was drive copied I may lose a few things but I would be pretty much back to normal.

Wade Lippman
03-07-2015, 3:25 PM
The majority of illegal businesses are done with cash. So how's bitcoin any different than cash in that respect? Constitution? Bitcoin? I didn't see that one coming.

It is really tough to pay off ransomware with cash, really easy with bitcoin.
It is really tough to mail order illegal drugs with cash, really easy with bitcoin.
Bitcoin is sending cash anonymously over the internet; a criminal's dream; and pretty useless for anything else.

If you can't see the difference it must be because you don't want to; because it is pretty obvious.

Wade Lippman
03-07-2015, 3:29 PM
I have a system that I always follow that would be handy in this situation as well as times when a virus causes problems or a hard drive crashes. I went out and bought the identical hard drive that is in my pc..(just happens to be a Seagate)..then I used Seagate Discwizard to make a complete drive copy and make it bootable. I keep the spare drive on the shelf and about every month I put it in the pc and make a complete drive copy over to it again. I then take it out and put it back on the shelf. If I ever have a situation such as is being talked about here or any other hard drive issue I can just take my spare drive off the shelf and install it in my pc and I'm back up and running again...possibly in the past month since it was drive copied I may lose a few things but I would be pretty much back to normal.

And you do a normal backup on top of that so you don't needlessly lose 30 days of work, right?
And when you say you put it in the computer, you mean you leave it in the computer and just disconnect the cable, right?

Andrew Pitonyak
03-07-2015, 3:39 PM
It is really tough to pay off ransomware with cash, really easy with bitcoin.
It is really tough to mail order illegal drugs with cash, really easy with bitcoin.
Bitcoin is sending cash anonymously over the internet; a criminal's dream; and pretty useless for anything else.

If you can't see the difference it must be because you don't want to; because it is pretty obvious.

Don't forget about encryption..... Makes it easy to hide electronic stuff.

Scott Shepherd
03-07-2015, 3:40 PM
and pretty useless for anything else.

Amazon, Microsoft, Dell, etc. would disagree with you.

Barry McFadden
03-07-2015, 4:12 PM
No, I don't bother with a normal backup as it is not a work computer so there is nothing really important that I would lose in 30 days. The side panel is off my computer so I just plug the spare drive in then disconnect it again (the drive is actually sitting on my desk when I do this).

Mark Nottage
03-07-2015, 10:31 PM
The ransomware locks the computer so badly that you can't even pull up Task Manager (Ctrl+Alt+Delete) to stop the program from running (doing bad things?), nor can you stop it by hitting your off button, or, with a laptop, pulling the cord out of the wall if you are plugged in. So if you ever get that ransom screen, stop the computer immediately; don't even try to just stop the program from running, as the first thing it does is lock you out. Maybe they were different programs, or I was able to stop them before the dreaded encryption (which I imagine takes time). But the program, pretending to be the FBI, accuses you of illegal acts (piracy or child porn and so on) and demands that you send them money as a "fine" in order to unlock your computer. Happened to me three times on various sites; I don't even remember which ones. Not saying there aren't worse programs than the ones I ran into, just that I found an easy way to sidestep the ones I ran into when they occurred.

I run no virus software, no malware software or anything like that. I haven't had a virus in 18 years. I spend hours lurking around the dark parts of the Internet (weird hobby of mine) and have been on some shady sites and I have NEVER had ransomware or anything pop up.

Now my question is, what types of sites are YOU going to? Haha

Dave Zellers
03-07-2015, 11:16 PM
You are livin' on the edge dude.

Playing with fire.

Burning the candle at both ends.

Tempting fate...

the very best of luck to you... :eek:

Scott Shepherd
03-08-2015, 8:17 AM
I run no virus software, no malware software or anything like that. I haven't had a virus in 18 years. I spend hours lurking around the dark parts of the Internet (weird hobby of mine) and have been on some shady sites and I have NEVER had ransomware or anything pop up.

Now my question is, what types of sites are YOU going to? Haha

How would you know that if you aren't running anything? I'd bet you a doughnut that if you installed something and scanned your system, it would find 100's of things. We've run our accounting computer for the last 4 years without protection and the person that uses it doesn't go to any dark or bad sites. It's strictly a work computer. We installed protection about 2 weeks ago, it found about 30 malware items on it.

If you're purposely going to the dark parts of the internet and you think you don't have anything on your system, I'd guess you're wrong.

Tony Zona
03-08-2015, 8:33 AM
Can somebody please give me an example of "dark parts of the Internet?" I'm serious.

Curt Harms
03-08-2015, 8:45 AM
I am sure they ARE illegal and effectively blocked in China. So how does letting extortionists use them here help anyone?

There are ways around "The Great Firewall". I suspect it's like a game of 'whack-a-mole'. Those finding those ways around would probably prefer that they were not easily found.

Scott Shepherd
03-08-2015, 8:57 AM
Can somebody please give me an example of "dark parts of the Internet?" I'm serious.

An example would be TOR and the .onion domains. Google them. I use TOR but I haven't gone beyond using it as a browser, which I love. I've learned more about who's tracking my activities by using that browser than I ever knew about. There are a lot of sites these days using geotracking in their websites. That's pretty frightening to me, thinking that I'm browsing a site, just looking around, only to find out they are geotracking me and trying to figure out where I live. That's just creepy. I'm looking at funny dog videos and you're geolocating me? Why? For what purpose?

Phil Thien
03-08-2015, 9:38 AM
I run no virus software, no malware software or anything like that. I haven't had a virus in 18 years. I spend hours lurking around the dark parts of the Internet (weird hobby of mine) and have been on some shady sites and I have NEVER had ransomware or anything pop up.

Now my question is, what types of sites are YOU going to? Haha

If you don't run any antivirus or malware software, how do you know you haven't been infected?

Dan Hintz
03-08-2015, 10:09 AM
If you're purposely going to the dark parts of the internet and you think you don't have anything on your system, I'd guess you're wrong.

I'd tweak this a bit... you're either wrong (about the lack of virii on your system) or you're wrong (about going to the dark areas of the internet). Personally, I'd go with choice "you're wrong".

If virii only stayed in the dark corners of the internet, only the dirty birdies would be infected. Even Google gets virii in its ads from time to time, so you could potentially pick one up surfing these very fora...

Pat Barry
03-08-2015, 2:50 PM
An example would be TOR and the .onion domains. Google them. I use TOR but I haven't gone beyond using it as a browser, which I love. I've learned more about who's tracking my activities by using that browser than I ever knew about. There are a lot of sites these days using geotracking in their websites. That's pretty frightening to me, thinking that I'm browsing a site, just looking around, only to find out they are geotracking me and trying to figure out where I live. That's just creepy. I'm looking at funny dog videos and you're geolocating me? Why? For what purpose?

I think Sawmill Creek disappeared into a black hole in the internet just a little earlier today.

Mark Nottage
03-08-2015, 7:48 PM
How would you know that if you aren't running anything? I'd bet you a doughnut that if you installed something and scanned your system, it would find 100's of things. We've run our accounting computer for the last 4 years without protection and the person that uses it doesn't go to any dark or bad sites. It's strictly a work computer. We installed protection about 2 weeks ago, it found about 30 malware items on it.

If you're purposely going to the dark parts of the internet and you think you don't have anything on your system, I'd guess you're wrong.


If you don't run any antivirus or malware software, how do you know you haven't been infected?


I'd tweak this a bit... you're either wrong (about the lack of virii on your system) or you're wrong (about going to the dark areas of the internet). Personally, I'd go with choice "you're wrong".

If virii only stayed in the dark corners of the internet, only the dirty birdies would be infected. Even Google gets virii in its ads from time to time, so you could potentially pick one up surfing these very fora...

I meant I'm not running an active scanner on a daily basis. I've definitely run Malwarebytes (and other virus/spyware programs) to show people that I don't have anything. The only thing I run is Adblock on Firefox.

Curt Harms
03-09-2015, 10:00 AM
..................................
There are a lot of sites these days using geotracking in their websites. That's pretty frightening to me, thinking that I'm browsing a site, just looking around, only to find out they are geotracking me and trying to figure out where I live. That's just creepy. I'm looking at funny dog videos and you're geo locating me? Why? For what purpose?

How else are advertisers supposed to know where you're located so as to display doggie-related ads relevant to your local area? I have a simple way built into my O.S. to turn off tracking if I choose to. So far I haven't.

Curt Harms
03-09-2015, 10:04 AM
I meant I'm not running an active scanner on a daily basis. I've definitely run Malwarebytes (and other virus/spyware programs) to show people that I don't have anything. The only thing I run is Adblock on Firefox.

Have you considered adding NoScript to that? NoScript can be a bit of a pain when first installed, telling it what to allow and what to block. After a bit it's pretty painless.

Scott Shepherd
03-09-2015, 10:54 AM
How else are advertisers supposed to know where you're located so as to display doggie-related ads relevant to your local area? I have a simple way built into my O.S. to turn off tracking if I choose to. So far I haven't.

That would be a good reason to have the code in there, but the ones that caught my attention were sites with no ads on them and nothing to do with needing any location data from me.

It's new in HTML5, isn't it? I don't think this was the case before.

Duane Meadows
03-09-2015, 7:26 PM
What software will do that?
How does it help with ransomware? Can't they encrypt it again?
Does it interfere with backups? Several times I have needed a deleted file and found it on a 2 month old backup. Will that still work?

May not keep them from encrypting your drive... but think about it a bit. They have enough access to your machine, to encrypt or decrypt at will. What makes anyone think they don't also have access to your, oh say, passwords, and any other personal data you may have on your machine.

At least it may help the many other issues you may end up with!

Modern encryption should be relatively transparent.

Andrew Pitonyak
03-10-2015, 8:31 PM
May not keep them from encrypting your drive... but think about it a bit. They have enough access to your machine, to encrypt or decrypt at will. What makes anyone think they don't also have access to your, oh say, passwords, and any other personal data you may have on your machine.

I expect that they would simply provide you with a decryption key which you can use to decrypt, even if they no longer have access to your machine. In fact, they never needed access to your machine, they simply needed you to run the "bad program" even if you were not connected. It can then encrypt your machine automatically until you enter a key provided by them.

Curt Harms
03-11-2015, 9:37 AM
May not keep them from encrypting your drive... but think about it a bit. They have enough access to your machine, to encrypt or decrypt at will. What makes anyone think they don't also have access to your, oh say, passwords, and any other personal data you may have on your machine.

At least it may help the many other issues you may end up with!

Modern encryption should be relatively transparent.

This makes me wonder about one of the potential downsides to encrypting a disk. If the login password is changed without the account owner's permission or were corrupted, wouldn't the effect be about like CryptoLocker: the contents of the disk are inaccessible? It's possible for an administrator to reset a forgotten or corrupted user password. Will that also decrypt the encrypted disk, or is the original password required? I don't know. If it were possible to reset the account password and unlock the disk, that seems like it'd reduce the benefit of protecting disk contents on a stolen machine, for example. It's easy enough to crack or reset admin passwords.

Andrew Pitonyak
03-11-2015, 7:48 PM
This makes me wonder about one of the potential downsides to encrypting a disk. If the login password is changed without the account owner's permission or were corrupted, wouldn't the effect be about like CryptoLocker: the contents of the disk are inaccessible? It's possible for an administrator to reset a forgotten or corrupted user password. Will that also decrypt the encrypted disk, or is the original password required? I don't know. If it were possible to reset the account password and unlock the disk, that seems like it'd reduce the benefit of protecting disk contents on a stolen machine, for example. It's easy enough to crack or reset admin passwords.

I think that the primary reason for encrypting a drive is to protect the data at rest. For example, if my drive fails, I don't worry about sending it back for a warranty replacement. If the computer is running, AND if I am using the disk, then the drive is in a state that anyone using the machine can see the data (well at least mostly). I encrypt my USB key, so, if I drop the key, the data is not accessible to others. On the other hand, I must choose my encryption method such that if I visit you and want to pull something, then we can access the USB key.

On the other hand, if the drive fails, it makes it more difficult for me to recover data from the drive.

Andrew Pitonyak
03-11-2015, 8:01 PM
Can somebody please give me an example of "dark parts of the Internet?" I'm serious.

I disagree with Mr. Shepherd on his definition of the dark net (well, I kind of do, and he has WAY more experience on this than I).

First, understand that the definition is a bit fuzzy and there is some variance as to what is understood by it. The people that I deal with loosely define it as "IP addresses that are not discoverable by normal means".

http://searchnetworking.techtarget.com/definition/darknet

For example, I stand up a web site with an accessible IP address, and I do not link to it. How do you find it? I am now part of the dark net. It is generally assumed that much that happens on the dark net is shady / illegal; for example, selling drugs, trading illegal pictures, or pirating software.

How do you find these places? Probably in chat rooms and similar, but I have neither the time nor inclination to attempt to figure that out. The place you would find the addresses would be related to what was at the address.

That brings us to what Mr. Shepherd posted. He mentions TOR. TOR provides a means of browsing the internet while hiding your identity. It works mostly, but is slower and there are a bunch of gotchas for which you must be careful.

I am not familiar with the .onion domains (http://en.wikipedia.org/wiki/.onion) but the fact that Mr. Shepherd mentions them is pretty clear proof that he has more familiarity with this than I.

I assume that they use .onion domain because it uses onion routing.... and I need to run...

Scott Shepherd
03-11-2015, 10:29 PM
Andrew, I'm no expert on the "dark web" by any means. I do remember when the internet started and Alt sites were the only real internet. I remember logging into remote computers at Rutgers and the things I read, I wish I hadn't ever read.

I don't know about publishing sites using the IP addresses as you mentioned; I just barely know about the .onion sites, only because of my growing interest in what's being gathered when we surf. Apparently with the .onion sites, promoted by the TOR project, you can publish anonymous sites, which I would assume is where some things not ready for prime time are posted. I don't know, I haven't ventured into that arena.

I do remember when the internet was free and private. No matter what you did, nothing was tracked. I remember remote logging into a lot of computers in the early days, some maybe not too legally, but in those days it was easy to use passwords like "anonymous" and you could get in. Never did one worry about getting a visit from the FBI. Do that now, and you might end up in prison :)

TOR, like you said, really isn't anything other than a browser that seeks to protect one's privacy. Where you go from there is the key. There's stuff like Silk Road, where a LOT of illegal activity goes on, as well as the government shutting it down when they can.

While I don't know a lot about it, I'd say the Silk Road area is part of the dark internet, along with sites using the techniques you mentioned, as well as the .onion sites. I'm sure there's a lot more, but it's not something I go to or use, so my knowledge is based solely on reading bits and pieces from tech sites over time.

Dan Hintz
03-12-2015, 6:19 AM
First, understand that the definition is a bit fuzzy and there is some variance as to what is understood by it. The people that I deal with loosely define it as "IP addresses that are not discoverable by normal means".

http://searchnetworking.techtarget.com/definition/darknet

For example, I stand up a web site with an accessible IP address, and I do not link to it. How do you find it? I am now part of the dark net. It is generally assumed that much that happens on the dark net is shady / illegal; for example, selling drugs, trading illegal pictures, or pirating software.

How do you find these places? Probably in chat rooms and similar, but I have neither the time nor inclination to attempt to figure that out. The place you would find the addresses would be related to what was at the address.

A darknet takes many forms. One could even consider a company LAN as a darknet... it may be accessible via a VPN, for example, but you have to know the proper credentials to gain access. It's hidden in plain sight, so to speak... it's always connected to the web, but you have to know where to look and how to get there to gain access.

Wade Lippman
03-13-2015, 4:33 PM
Wade, you're correct, encrypting volumes, folders, or files, won't prevent the crypto-locker from doing so again.

If you're running the Windows backup applet on something like Windows 7, I'd suggest creating an additional user account on your PC called "Admin," with full administrator rights. Assign a unique password to that account. Now demote all the other accounts so they don't have administrator rights.

Now, if you infect your machine while logged in as one of the demoted users, malware won't be able to access the backup volume data. And an infection that occurs under the user "Phil" (for example) won't be able to attack other demoted users, like "Karen."

The only exception is, if UAC (User Account Control) pops up asking for elevated privileges and you type in the password for "Admin." In that case, the malware will have access to pretty much everything on your PC and backup drive.

Okay, I have enabled administrator and put a password on it. I then changed "Wade" to an ordinary user.
I am currently using Ghost to do local backups, and Carbonite to do cloud backups. I should stop doing them from "Wade" and do them from "Administrator". Is that correct?
I guess the truly paranoid would create a new ordinary account and use it only for emails; would that stop it dead?

Phil Thien
03-13-2015, 5:20 PM
Okay, I have enabled administrator and put a password on it. I then changed "Wade" to an ordinary user.
I am currently using Ghost to do local backups, and Carbonite to do cloud backups. I should stop doing them from "Wade" and do them from "Administrator". Is that correct?
I guess the truly paranoid would create a new ordinary account and use it only for emails; would that stop it dead?

I don't typically enable Administrator but rather just create an account called "Admin" with admin privileges. Enabling administrator should work fine, though.

I'd imagine any scheduled tasks run by Ghost or Carbonite would run with system privileges. If you try to run either app when logged in as "Wade," does the elevation prompt show up where you're asked to input your administrator password? If not, create an Admin account and disable the administrator account, and try again. If yes, then check your external hard drive and make sure Ghost is writing new backup files, and check the Carbonite control panel and make sure backups are kicking off when you'd expect.

If you're doing backups manually (unscheduled), you can probably do them either through Administrator or Wade, provided running them from Wade asks for that Administrator password.

For people that have to do a lot of risky work (I know a publishing/editing assistant that opens 75+ attachments a day; she isn't even looking at what it is any more) I set up 1-2 "Burn" accounts so if one gets hammered, they can reboot and use another.
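The account-demotion advice quoted above and the backup-volume and scheduled-task checks in this reply, as one added example that is not from the thread or from any of the posters. It assumes Windows 10 with the Microsoft.PowerShell.LocalAccounts module (on Windows 7 the same steps are done with "net user", "net localgroup" and icacls); the account name "Admin" and the folder E:\Backups are placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the thread). Assumes Windows 10 / PowerShell 5.1 with the
# Microsoft.PowerShell.LocalAccounts module. "Admin" and E:\Backups are placeholders.
$AdminName  = 'Admin'        # dedicated elevated account (any innocuous name works)
$BackupPath = 'E:\Backups'   # placeholder: folder where the backup tool writes images

# 1. Create the dedicated admin account if it is missing and put it in Administrators.
if (-not (Get-LocalUser -Name $AdminName -ErrorAction SilentlyContinue)) {
    $pw = Read-Host -Prompt "Password for $AdminName" -AsSecureString
    New-LocalUser -Name $AdminName -Password $pw -PasswordNeverExpires | Out-Null
    Add-LocalGroupMember -Group 'Administrators' -Member $AdminName
}

# 2. Demote every other local user out of Administrators. The account running this
#    script is skipped so you are not locked out mid-run; run it once more while
#    logged in as $AdminName so your daily account is demoted as well.
$keep = @($AdminName, 'Administrator', $env:USERNAME)
Get-LocalGroupMember -Group 'Administrators' |
    Where-Object { $_.ObjectClass -eq 'User' } |
    ForEach-Object {
        $short = ($_.Name -split '\\')[-1]      # strip the COMPUTERNAME\ prefix
        if ($short -notin $keep) {
            Remove-LocalGroupMember -Group 'Administrators' -Member $_.Name
            Write-Output "Demoted $short to a standard user"
        }
    }

# 3. Restrict the backup folder so only Administrators and SYSTEM (which scheduled
#    backup tasks usually run as) can read or write it. Inherited entries such as
#    "Users: Modify" are dropped, so malware running in a standard account cannot
#    overwrite or encrypt the images.
$acl = Get-Acl -Path $BackupPath
$acl.SetAccessRuleProtection($true, $false)               # stop inheriting from the drive root
foreach ($rule in $acl.Access) { $acl.RemoveAccessRule($rule) | Out-Null }
$rights  = [System.Security.AccessControl.FileSystemRights]::FullControl
$inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit,ObjectInherit'
$prop    = [System.Security.AccessControl.PropagationFlags]::None
$type    = [System.Security.AccessControl.AccessControlType]::Allow
foreach ($principal in 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM') {
    $allow = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule `
        -ArgumentList $principal, $rights, $inherit, $prop, $type
    $acl.AddAccessRule($allow)
}
Set-Acl -Path $BackupPath -AclObject $acl

# 4. Show the result so it can be checked against what was intended: only the
#    kept accounts in Administrators, and only two entries on the backup folder.
Get-LocalGroupMember -Group 'Administrators' | Select-Object Name, ObjectClass
(Get-Acl -Path $BackupPath).Access |
    Select-Object IdentityReference, FileSystemRights, AccessControlType
```

After running it, log in as a demoted user and confirm that creating a file under the backup folder is refused, and that the scheduled backup still writes new files (it runs as SYSTEM, which keeps access).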

Jim Becker
03-15-2015, 10:30 AM
I'll suggest that an "administrator" account shouldn't be named "admin" or "administrator" to reduce its susceptibility footprint further. Name it "Marvin" or something innocuous... :D