More Zonkyness

Blog

  • WannaCrypt Makes Other Malware Authors WannaCry

    It may not be very funny, but the funny thing about WannaCrypt is that it is somewhat of a failure! Unless the authors are spectacularly stupid (not entirely impossible incidentally), they have no way to recover their ill-gotten gains. The pile of looted bitcoins they have acquired is fully visible, so any attempt to use those coins will almost certainly result in them being tracked down – they have attracted too much attention.

    Which is another aspect of the WannCrypt malware – it has highlighted the vulnerability (MS17-010) and caused a huge vulnerability hunt. Which is causing those who wrote other malware (such as Adylkuzz) to gnash their teeth, because otherwise their malware would have quietly worked away in the background. The malware authors behind Adylkuzz have probably made more money than the WannaCrypt malware authors … and may well get away with their loot too.

    Which is why other malware authors “wannacry” – the attention that WannaCrypt has gotten has ruined MS17-010 for them.

  • When Windows Update Lies

    It seems rather strange when you discover it, but Windows Update sometimes lies about what updates have been installed. I am not sure how often this happens, but it does happen from time to time. Which with WannaCrypt rampaging around is somewhat unfortunate.

    What seems to happen is that Windows Update gets confused about what patches it has installed – it’s internal database gets corrupt. One possible fix for this is to remove the database :-

    net stop wuauserv
cd %systemroot%
ren SoftwareDistribution SoftwareDistribution.old
net start wuauserv
rd /s/q SoftwareDistribution.old

    When using Windows 10, you may well have to start (net start wuauserv) Windows Update services before stopping them. Once you have removed the directory, the next time you run Windows Update in the gooey, it will spend some time rebuilding it’s database and hopefully will then pick up the missing updates. No promises but this worked on at least one server that had unacknowledged missing patches.

    Of course without a proper vulnerability scanner it may be tricky to determine when Windows is lying about being fully patched. The best bet is to assume it is lying whenever something like WannaCrypt comes along.

    The other possibility is to look into something like Autopatcher which is intended for offline updates – you can download the Microsoft updates and use the tool to patch Windows computers from the downloads.

  • Canute, The Tide, and The Church

    Many of us know about the story of King Canute (or probably Cnut) and his attempt to hold back the tides. Although we English typically only give one king the suffix “the Great” (Alfred), Cnut himself is also known as “the Great” (perhaps more for his non-English endeavours). So it seems a touch unlikely that such a king would imagine he could control the waves by verbal command; if anything he might want to make fun of his courtiers by trying the impossible to indicate he was human.

    It is a popular tale with the Church too – it’s a great example of over-weaning pride which is one of the seven deadly sins. And Cnut as a Dane, probably was not the most popular king with the church, as Danes had only recently given up going viking and pillaging churches and monasteries (in the words of a fictional viking: “they gather all their gold and silver into one building. And then so conveniently mark those buildings with crosses.¨).

    But there is a far more prosaic explanation for the tale in which the Church uses a human disaster to laugh at people’s efforts to improve themselves.

    Before the raw sewage pollution in the 19th century put an end to it, the South coast was home to a massive oyster fishing industry that existed in the region for at least two thousand years. Indeed, oysters were one of the staple food sources for the poor until the 19th century.

    One of the ways that shallow water oyster fisheries can be improved is by building dyke-like structures that allow the high tide in, but keep some of the tide from escaping at low tide. As it happens, a place in West Sussex called Bosham happens to be ideal for this, and there is supposedly much archaeological evidence to show that these “dykes” had been built there repeatedly over the centuries.

    As anyone who lives by the sea knows, to build sea structures, you have to over-build and even then, exceptional storms will cause damage, and there is also archaeological evidence to show that the “dykes” at Bosham were washed away in exceptional storms every few hundred years.

    As it happens, Bosham was a royal estate in the time of Cnut (one of his daughters is supposedly buried at the pictured church), and it is all too likely that an exceptional storm would have destroyed the oyster beds whilst Cnut was holding Bosham. Thus the Church had an opportunity to use an economic disaster to poke fun at king they were probably not too fond of.

  • Thoughts On Chivalry …

    I have been reading a book on chivalry and knights recently, and every so often wanted to shout at the historian writing it, but as he isn’t listening to me I guess I’ll just have to shout at you instead.

    The main irritating claim was that the equipment of knights put entry out of the reach of ordinary ‘soldiers’. It is true that the need to provide a highly trained and specially bred horse or two, did significantly increase the cost of entry into the ranks.  But this is an overly simplistic analysis.

    For a start, if we look at the fighting men of the Anglo-Saxon forces facing the Normans in 1066, many (perhaps even most) would have been equipped with just a spear and shield. But a wealthy core would have been much better equipped with costly mail armour, swords, etc. Many within this core would have quite easily afforded the additional cost of a destrier or two.

    In addition, many of those ‘core’ soldiers would have been members of the royal household guards, or similar groups for other magnates. And it is likely that some or all of their equipment would have been provided by their lord. For example, look at William Marshall who whilst he was born into a privileged family certainly did not have the resources to pay for his own equipment; whilst his climb to become regent was exceptional and he was undoubtedly both exceptionally talented and exceptionally lucky, he would have almost certainly had to rely on being gifted his first destrier.

    Yes this is after the Anglo-Saxon era (although right at the beginning of the chivalric era), although there is no reason to suppose that similar arrangements could not also take place in the Anglo-Saxon period. It is simply common-sense – an earl would want to impress his king with the number of followers he could provide, and a well-equipped follower is better than a poorly equipped one.

    Onto chivalry itself: It’s a bit of a myth. Knights were generally expected to behave in a certain way with other knights and others of similar or higher rank, but lower ranks? The ordinary people? They were not so lucky; the standard way of making war consisted of sieges of fortified towns (resistance would usually result in extensive looting, killing, and raping of the inhabitants), open battles, and ravaging the landscape – burning crops, buildings, and generally making a nuisance – this later was intended to have an effect on the wealth of the lords of the territory, but the effect on the common people is predictable – death, rape, and impoverishment.

    And impoverishment generally led to famine. As an example, during the Thirty Years War, overall 25-40% of the population of German fell victim to famine.  Whilst other wars and battles may not have caused such widespread famines, there was undoubtedly a huge death toll in payment for the entertainment of kings and knights.

    And knights did not always act “knightly” towards their high-born prisoners either. Once a king (or other leader in battle) raised the dragon banner, no prisoners were taken including prisoners who would otherwise be worth a considerable amount in ransom.

    So the much vaunted “chivalry” was a conditional code of honour that could be discarded according to circumstances.

    On the other hand, the myth of chivalry did have some use – it fed the inclination leading to the laws of war and conventions on warfare such as the Geneva Convention(s). If anything the myth was more real than the reality of chivalry.

  • A Dummies Guide To Tactical Voting

    With an election coming up it is time to try and persuade those who do not vote to get out there and vote. One of the main reasons people give for not voting is because none of the candidates are inspiring enough. Well it is all very well waiting for a candidate that inspires you, but you could well be waiting for a very long time.

    Probably the second biggest reason for not voting is that with the first past the post system, there are places where voting for anyone other than the leading candidate is seen as a wasted vote. Nothing could be further from the truth! In almost every “safe” seat, if everyone who didn’t vote for the leading candidate all voted for an agreed alternative, then the seat could easily go to that alternative candidate. For example, the Arundel and South Downs constituency was won with 32 thousand votes in a constituency of nearly 100,000 – easily enough to overturn the Tory majority.

    As to tactical voting: It can be summed up by selecting the candidate you would most like to lose (such as the Tory candidate), and picking the candidate most likely to defeat them.

    Anyone can find out the last few election results (and a whole lot more) at http://www.electoralcalculus.co.uk/. Just look at the last few elections and vote for the second placed candidate (providing that’s not a Tory or a UKIP candidate of course!). And don’t keep punishing the Liberals for breaking their promises; they don’t break their promises any more than the others.

    Of course this may mean you are not voting for the candidate you want, but under the present voting system it makes more sense to vote against the candidate you dislike the most. Yes this is crazy, but so is using a voting system first used in the medieval era!