The word is spreading on the Internet that respected secure email provider ProtonMail has been hacked by an anonymous group. A pastebin post claims that the company intentionally undermined its own security features, allowing the hacker group to infiltrate the front-end code and steal the passwords and data. They also make some wild claims about ProtonMail’s own activities and those of their users.
Troy Hunt is done with IRL analogies being forced onto digital concepts. But maybe the problem isn’t the analogies, but the expectations we put on them. Analogies can be useful, but only if we acknowledge their limits while using them.
Richard Arnold put together a concise piece to address a lot of questions and concerns coming out of the WannaCrypt crisis. He outlines a little history and context for what exactly is ransomware. He then takes a storage centric approach to outlining basic IT policies that would help mitigate future disruptions.
The piece is a great summation. It doesn’t have the audacity to say the attack was preventable, but rather that best practices could serve to limit future disruptions. It’s an interesting read to wrap your head around a global issue.