On Mon, Feb 6, 2017 at 9:07 AM, Steve D'Aprano <steve+pyt...@pearwood.info> wrote: > As far as "regular backups", well, you're just not thinking deviously > enough. If I were to write a ransomware application, running as the regular > user, I would have the application encrypt files and emails just a few at a > time, over a period of many weeks, gradually increasing the rate. By the > time the victim has realised that their files have been encrypted, their > backups have been compromised too: you can restore from backup, but you'll > be restoring the encrypted version. >
If you commit everything to git and keep an eye on your diffs before you push, the encryption would have to be _extremely_ sneaky. For starters, it'd have to infect the 'git' command, so it has all the same protections other people have been talking about. It'd need to somehow make the SHA1s match, or else simultaneously infect my system and whereever I'm pushing to (which is sometimes GitHub and sometimes my own server). So the first thing is to infect everyone's git so it accepts the corrupted files as well as the correct ones... AND it has to still be able to show diffs, or I'd notice it very quickly. Is that still frightening complacency? ChrisA -- https://mail.python.org/mailman/listinfo/python-list
