The ransomware WannaCry has infected hundreds of thousands of computer systems around the globe, but a security researcher claims he’s figured out how to beat it.
In some cases, that is.
Adrien Guinet says that he was able to decrypt a ransomwared computer running Windows XP in his lab by discovering the prime numbers that make up the WannaCry private key. The private key is what a ransomware victim would need to buy off his attackers in order to regain access to his own files, but Guinet says he was able to do this without paying any Bitcoin ransom.
Importantly, Guinet acknowledges this technique has only been demonstrated to work on a computer running Windows XP. Why does that matter? Despite initial reports, those systems were not affected by the major May 12 outbreak as the worm that spread the ransomware didn’t hit those systems.
However, WannaCry itself doeswork on XP — suggesting that if the ransomware manages to spread to XP this new technique could be used to help future victims.
There are some other provisos as well.
“In order to work, your computer must not have been rebooted after being infected,” Guinet wrote on Github. “Please also note that you need some luck for this to work,” he added, “and so it might not work in every cases!”
Why luck? As Guinet explains, when WannaCry infects a computer it generates encryption keys that rely on prime numbers. Here comes the important part: The ransomware “does not erase the prime numbers from memory before freeing the associated memory.”
“If you are lucky (that is the associated memory hasn’t been reallocated and erased),” continues Guinet, “these prime numbers might still be in memory.”
If you can recover those prime numbers, as Guinet says he did, you can decrypt your files.
Guinet released the software he used to decrypt the infected system to the public. He calls it “Wannakey.”
As mentioned above, Wannakey has not been tested on a large scale and so it may not be a silver bullet. It does, however, suggest that data considered lost in future ransomware attacks may actually be recoverable. And that is some much needed good news.
May 18, 2017 / Comments Off on Security researcher says he’s figured out how to decrypt WannaCry
Still stubbornly running an ancient version of Windows, despite the security threats? You’re in luck, this time.
The ransomware attack known as WannaCrypt that sent organizations and individual users around the world scrambling for security cover has been addressed by Microsoft, the company behind the most widely used operating system on the planet, with a new software update. And, to the relief of many holding onto old versions of Windows, the update plays nice with some old school systems, too.
Late Friday, the company posted an official notice on its site regarding the update as well as general guidance regarding the WannaCrypt attack. The update covers users on Windows XP, Windows 8, and Windows Server 2003 (the attack didn’t target Windows 10, according to Microsoft). Additionally, Microsoft advises users to “use vigilance when opening documents from untrusted or unknown sources.”
The patch goes all the way back to Windows XP, a version of Windows Microsoft stopped supporting several years ago.
This update is particularly noteworthy because the patch goes all the way back to Windows XP, a version of Windows Microsoft stopped supporting several years ago. Regarding that unusual move, Microsoft’s blog post states, “This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind.”
“Today our engineers added detection and protection against new malicious software known as Ransom:Win32.WannaCrypt,” a spokesperson said in a statement emailed to Mashable. “In March, we provided a security update which provides additional protections against this potential attack. Those who are running our free antivirus software or have Windows Update enabled, are protected.”
The new update is available here and those looking for more detailed information regarding WannaCrypt ransomware and how it may impact Windows can find it listed on the Microsoft security blog.
The rapid response from Microsoft indicates just how worrisome the ransomware attack has been for businesses around the world including vital organizations where computers are central to daily work such as hospitals and utility companies.
On Saturday, a report from Reuters indicated that the impact of the ransomware has been greatly reduced in recent hours due to the work of an unnamed UK-based researcher who worked to limit its spread.
May 13, 2017 / Comments Off on Microsoft releases Windows XP patch for WannaCrypt ransomware
The Windows 10 Creators Update may have only started rolling out, but Microsoft just gave us our first look at what’s next for Windows.
During the second day of its Build developer conference on Thursday, Microsoft unveiled the Windows 10 Fall Creators Update, which will launch later this year.
Though the update doesn’t bring many dramatic changes to Windows, Microsoft is adding a suite of new productivity tools that allow users to move between their PC and their iPhone or Android.
A feature called Timeline allows you to “jump back in time to find what you were working on” at some point in the past. Functionally, Timeline is something of an extension of Windows’ Task View, only now you’re able to see “a visual timeline that displays what you were doing when, you can easily hop back into files, apps and sites as if you never left.”
This also applies to Timeline-supported Microsoft apps running on your smartphone. So you could “look back” at, say, a Microsoft Word document you only opened on your iPhone.
Next up, a (very creatively named) feature called Pick Up Where You Left Off, which lets you start a task on your Windows PC, say editing a Word document, and pick it up on your phone exactly where you left off. A bit like Apple’s Handoff, the feature uses Cortana (so yes, you’ll need the Cortana app installed) to enable the switching.
Finally, Microsoft introduced Clipboard, which lets you copy and paste between your Windows PC and your smartphone, even if it’s an Android or iPhone. That may sound impossible but there’s one caveat: On iOS and Android the feature is powered by SwiftKey (that’s the keyboard app Microsoft acquired for $250 million last year), so you’ll need to have that app installed in order to use the feature.
While Microsoft embraced a cross-platform strategy ever since Satya Nadella took over as CEO more than three years ago, these updates are some of the most significant strides yet the company has made moves toward embracing iOS and Android. It’s also something of a tacit acknowledgment that the vast majority of smartphone users are simply not using Windows on their mobile device (for the second year in a row, Microsoft had almost nothing to say about Windows 10 mobile onstage at Build).
The Fall Creators Update also marks the debut of a new design language for Windows called Fluent Design (this is the official name for Project Neon). Rather than a dramatic shift, though, Fluent Design is all about helping enable similar experiences across many different types of devices, Microsoft says.
“Fluent Design will deliver intuitive, harmonious, responsive and inclusive cross-device experiences and interactions,” Terry Myerson, Microsoft’s executive vice president of the Windows and Devices Group, wrote in a blog post. “For developers, Fluent Design is built to help you create more expressive and engaging apps that work across a wide range of device and input diversity.”
May 11, 2017 / Comments Off on The next version of Windows embraces iOS and Android like never before
Microsoft will soon kick off the beginning of developer conference season with its event: Build. In addition to annual updates on the performance of Windows, Office and the Surface devices, Microsoft is expected to comment on a new Windows design language, codenamed “Project Neon” and share updates to the company’s AI research.
The keynotes will feature CEO Satya Nadella, EVP Scott Guthrie, EVP Harry Shum and EVP Terry Myerson across two events on Wednesday and Thursday.
The keynotes will kick off at 8 a.m. PT Wednesday and 8:30am PT Thursday when the company’s execs will take the stage at the Washington State Convention Center in Seattle. Here’s how to follow along:
You can watch Microsoft’s official livestream here.
Mashable‘s Lance Ulanoff and Karissa Bell will be sharing updates live before, after and during the event.
Microsoft’s new Surface Laptop isn’t the $300 education system we were expecting, but then that’s not Microsoft’s role in the PC industry.
It’s the hero of this story.
A decade or more of darkness. Average products. Poor builds. The computer as a commodity. Once dominant computer manufacturers couldn’t figure out how to make eye-catching products that weren’t more form than function.
This was, in part, Microsoft’s own fault. It built the Windows operating system and basically handed it to OEMs with a “Do with this what you will.” Obviously, there’s always been collaboration between Microsoft and hardware partners, but the OEMs always led the way on system design and, I guess, Microsoft always hoped for something better.
In the meantime, Apple’s Steve Jobs and then CEO Tim Cook tried to usher the world into the Post-PC era, even as that company built and sold its own personal computers.
The PC industry and, quite honestly, the PC, felt dead.
As we know, hardware revival came from an unlikely source.
Microsoft took its partners and really the entire Windows PC industry by the hand and showed them the way. A computer could be beautiful and functional. Design elements could serve capabilities. And what started with the Surface computer five years ago, a computer that straddled the line between tablet and ultra-portable, has culminated in this, the Surface Laptop, Microsoft’s first true clamshell computer, which Microsoft unveiled on Tuesday in New York City (along with the education-friendly Windows 10 S).
Like all the Surface computers that have come before it – Surface Pro, Surface Book, Surface Studio – the $999 Surface Laptop seeks to redefine a category with brash and unusual design choices, like a 3.6 mm-thin touch screen and a fabric-covered keyboard, that combine to make the portable more, not less, functional. My only quibble is that the wedge design makes the screen can’t fold all the way over onto the system’s back, which would, obviously, make it a convertible.
And to understand why today, a day in which Microsoft did not wow the world with a sub-$300 education laptop, is still a win for Microsoft, you need to know what Microsoft is doing in the PC space in the first place.
Form and Function
Microsoft’s plan with the Surface brand is not to, so to speak, flood the zone, covering every possible permutation of the venerable PC. Its all-in-one Surface Studio only arrived last year and it’s literally taken them years to build a non-convertible version of a laptop.
It’s also not building systems purely as a technology showcase. Yes, the Surface Book’s dynamic fulcrum hinge was unusual, but it was designed to help balance a system that split the battery and, in some cases, the discrete graphics and core CPU (and other components) into two slabs.
What Microsoft’s Surface design choices prove is that Microsoft focuses as much attention on industrial design as Apple does on each generation of the iPhone. Part of this is to show consumers and partners what’s possible, but most of it is to inspire current and future Windows customers.
Microsoft has never had an issue with operating system name recognition. Everyone knows, if not loves or likes, Windows. Microsoft has never had a recognizable hardware brand — until Surface.
Surface is now as well known as Dell, Acer and Asus. But like the Apple brand, it carries a certain cachet. One that Microsoft won’t trade to fill a “value” niche, even if it’s trying to attract education buyers. Doing so would only harm the brand and its design leadership position.
Much of this became clear to me as I peppered the Surface Laptop design team with questions about the keyboard and mostly screw-free design.
Easily the mostly startling aspect of the Surface Laptop is the keyboard. It’s a one-of-a-kind melding of aluminum, plastic and nylon.
As good as it looked, I couldn’t help but think that Microsoft has unnecessarily carpeted a computer.
“Why fabric?” I asked Microsoft Senior Designer Rachael Bell.
“First, why not?” said Bell, adding that a fabric-like material on keyboards has long been part of the Surface identity. While similar to Surface Touch Keyboard fabric, this material is different. I’d call it “feltier” but Bell told me it’s a non-woven, pressed nylon with a special polyurethane covering for durability, including water and chemical resistance.
Bell also reminded me that it’s “soft and beautiful to interact with,” and I had to admit that it felt good to the touch and comfortable when my palms rested on the spaces adjacent to the spacious touch pad.
However, she added, there’s utility and value here, too. A fabric covering allows Microsoft to hide the speaker under the keyboard. Yes, there are precision holes cut in the fabric for the speaker grill, but you really can’t see them. If the keyboard cover were plastic, you’d see the holes.
Still, I worried about how the covering would hold up to wear and tear. What if it peeled off?
Mechanical engineer Mohammad Haq explained that Microsoft developed a lamination process, using heat, pressure and a specially formulated adhesive, to bind the fabric to the chassis.
As I held the Surface Laptop in my hands, I examined that bond, looking for a lip, a place where some middle-school kid could gain purchase and peel the fabric right off. I couldn’t find one.
That perfect cut comes by way of an optical laser. The fabric cover starts out larger than the keyboard and then the laser trims away the excess leaving what looked like a one, clean edge.
During the Surface Laptop unveiling Microsoft Corporate VP Panos Panay said “When you hold the Surface Laptop, you will find no reference to how these parts came together.”
It’s true. I couldn’t see a screw anywhere. How did Microsoft do it? What’s holding this laptop together?
“There’s a considerable amount of adhesive, including heat activated pressure sensitive and liquid dispense (or hot melt),” said Haq.
The only place you’d find screws are in the three-element hinge and on the motherboard.
All this attention to detail comes together in a laptop that I could literally open and close with a fingertip.
It’s not a $200 or $300 laptop and that’s by design. Microsoft has poured an insane amount of detail and expertise into crafting its perfect ideal of a traditional laptop. It’s a product consumers will probably want and partners can learn from.
Ultimately, Microsoft will leave it to OEMs to build systems at the prices and variety consumers, especially education customers, demand, while it focuses attention on lust-worthy devices that remind people that Windows can live in cool hardware, too.
May 2, 2017 / Comments Off on With the Surface Laptop, Microsoft leads the PC industry back into the light