|
Better make sure it's on an m-disc. Normal dvd-r's have a very finite life before the ink layer seperates from the protective layer (I've been caught before thinking my backup dvds were good). In a high humidity environment of warmer than normal temps, the avg life could be about 2 years.
|
|
|
|
|
Thanks for the tip.
I know DVD/CD media has a finite lifespan. I'm doing regular daily, weekly, and monthly backups onto secondary HD and external HD. I've been doing DVD about every 6 months (as a fail safe) but now shifting to every 3 months. Storage is room temperature (60 F to 76 F) at low humidity. Life span in this situation should not be a problem.
Given my care in dealing with the internet I *think* I'm a low risk for infection. But not no-risk, hence my paranoid backups.
The real problem is not any of us, it's everyone else who can touch our personal and professional networks.
I keep in mind that every time someone makes something idiot proof, someone else creates a "better" idiot.
|
|
|
|
|
Well, uh, all I have to do is not give the program that's doing the nasty permission to cross the network.
There's paranoid, and then there's cautious and knowing what you're doing. Do a bit of research, before going crazy with a DVD burner -- Hell, a better solution would be to back-up once a day, then air-gap the backup discs.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
In an attempt to become the most secure IT company a local IT company shut down all their computers, fired all the employees, then the CEO resigned
|
|
|
|
|
Well, that is one alternative to maintaining sensible backups!
Get me coffee and no one gets hurt!
|
|
|
|
|
I don't open links from a non-known provenance.
However these emails were quite clever in that they included the postal addresses of the people they were aimed at. This fooled a lot of people into clicking on the link.
I could imagine the next version would be hackers looking for the word 'love' at the end of an email account they had hacked, then do an analysis of the email, write a similar email with a "look at these funny cat videos" link and spoof the sender's address. This could catch out even the most battle hardened IT troopers as not many of us can resist funny cat videos from family members.
I remember the good old earlier days of the interwebs when precisely for this reason we were all recommended to switch off javascript in our browsers and never click on any links in emails.
However nowadays browser security may again be becoming an issue largely because of the predominance of javascript enabled attacks. I hope I am wrong on this front and if I am please correct me.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|
Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume?
Don't open any e-mail that has an attachment without first confirming with the person who (appears to have) sent it to you, show only picture placeholders by default, and look both ways before crossing the road.
It ain't rocket surgery.
Curiosity killed the computer.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Mark_Wallace wrote: Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume?
I agree with what you are saying and think your previous post with the solution of having a means of replicating files is a decent way to go if you have the hardware resources.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|
One of our customers recently opened a link from an email from his internet provider.
The link looked alright (formatted as provider.com/businessinvoice), but actually linked to some weird website from Italy.
The email was signed by the manager products and marketing (because they send invoices, apparently).
A quick Google even learned this guy wasn't director anymore, but who checks that (I'm surprised they even used an actual person's name).
It was sent to jobs@company.com, because it's totally legit that the email address for job gets invoices.
And it contained sentences like "To get more info a! bout...".
WHY THE HELL DO PEOPLE OPEN THESE LINKS!?
In this case the result was CryptoLocker, booooooom!
Mandatory Dilbert[^]
|
|
|
|
|
Did your customer pay, or was he fully backed up. Note: Most cryptolockers will encrypt even NAS devices. Backing up to a NAS is simply not enough!
Get me coffee and no one gets hurt!
|
|
|
|
|
I really don't know.
He wasn't my customer or even a customer of the team.
Just a customer of the company and someone shared the story on our internal website (with screenshot).
Come to think of it, maybe this was one of those "friend of a friend" scenario's and he really meant "me" when he said "customer"
|
|
|
|
|
They get email all the time has "VOICE MAIL MESSAGE FROM 5139756654 53sec" or randome numbers.
Inside is voice mail message.zip
In there becomes voice mail message.wav.exe
|
|
|
|
|
I remember years ago, when the Unix and Apple anti-Windows-Bitching Brigade (this was pre-Linux) were going on and on about one of the reasons Windows was cr@p was that it used file extensions, and files should be opened according to their content, not some stupid three-letter extension.
Trying to explain to a moron that he's a moron was just as hard then as it is now.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Quote: Trying to explain to a moron that he's a moron was just as hard then as it is now
Are you surprised? The word "moron" has more than three letters! Use little words with morons.
Get me coffee and no one gets hurt!
|
|
|
|
|
Well, don't leave us in excitement!
What did the voice mails say!?
|
|
|
|
|
That's what it took to get you going with backups?
|
|
|
|
|
No, I do take images but they could be done more regularly.
I checked my spreadsheet detailing which drives get imaged and when they were last imaged.
My C drive was last imaged in November last year so I thought it would be a very good idea to create another image.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|
November?
I get annoyed at myself when the time I last did a backup gets counted in weeks.
|
|
|
|
|
I know - my life in the past year has been kind of busy.
I store the vast majority of my data on a cloud server with the ability to restore at any point in time(dropbox and so far it's pretty cheap too).
So the only real issue is my OS disk being imaged - if something did happen it would be a case of restoring the image and Windows updates, so while November isn't great, it's not a huge problem for a personal non-production environment machine.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|
Ransomeware got into the place I work. The IT server group got called in and spent the night. In the morning, almost everything was restored from the backups.*
I was unaffected: I (and the other developers) have a box and were not in the forest when the fire broke out. I've had fear of attack since the 80's. For the hell of it, I keep my (home) NAS offline much of the time. Sounds crazy, but it's become storage central (do they call that a personal cloud these days). All goodies survived super storm Sandy on it's raid-1 drives, and I only lost the computers. Much easier to replace.
Except for the every-increasing cost of good aluminum foil, paranoia has its perks.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "As far as we know, our computer has never had an undetected error." - Weisert | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
Quote: paranoia has its perks
As far as data and computer safety is concerned: Oh yes! Paranoia serves its purpose.
Get me coffee and no one gets hurt!
|
|
|
|
|
Backups are a definite must ... and certainly can help with ransomware. But they sure as elephant don't even come close to being a silver bullet.
So I might be tempted to say you get 2 sub-kinds of the first kind:
- Those who know that a good backup routine is only a brick in the wall.
- Those who think having an "awesome" backup routine is all they need.
Personally I start off by stating: I am the weak link. I need to make sure I don't do stupid things like clicking on just any old thing, or opening mails from doggy sources. Next I take the line that a backup is blind ... if you don't catch things like ransomware soon enough, your backup is simply duplicating the ransomware spreading it further. So do tests on your data before and after backups, i.e. what anti-viruses "should" be doing but rarely actually "do".
And finally understand that no lock is pick-proof, no medicine works for all illnesses - same way all firewalls / AVs / etc. are just attempts to keep bad things out. And fixes and patches are just there to try and remove those bad things once they HAVE TAKEN HOLD. At which time your latest backup is most probably also infected and would help very little when you try to restore it.
|
|
|
|
|
Name the song:
public void Chorus()
{
Sugar you = new Sugar();
Body me = new Body();
if (you.Wants(me) && you.Thinks(me) == Impressions.Sexy)
{
you.Alert(me, Alerts.Know);
}
if (you.Needs(me))
{
you.Reach(out me, you.Touch(me));
((Honey)you).Tell(me, Alerts.So);
}
}
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
Sugar Sugar (The Archies)?
Get me coffee and no one gets hurt!
|
|
|
|
|
Gawd! I'd forgotten them completely!
Nope, not that.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|