Cannabis Sativa

thcscience_admin
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Oh
73.61.20.253 (talk)
Line 301: Line 301:
::Yeah I don't want to get into this dispute but I came to check because of ANI and noticed the same thing and was about to say something similar. Making conclusions from the code is [[WP:OR]], so the fact that you've looked at the code doesn't actually help us much. We need to rely on [[WP:RS|reliable secondary sources]]. I understand it can be frustrating when the sources seem to be wrong or oversimplified, but you need to use your expertise to find better sources, not introduce content into the article base on what you saw in the source code. [[User:Nil Einne|Nil Einne]] ([[User talk:Nil Einne|talk]]) 16:35, 14 May 2017 (UTC)
::Yeah I don't want to get into this dispute but I came to check because of ANI and noticed the same thing and was about to say something similar. Making conclusions from the code is [[WP:OR]], so the fact that you've looked at the code doesn't actually help us much. We need to rely on [[WP:RS|reliable secondary sources]]. I understand it can be frustrating when the sources seem to be wrong or oversimplified, but you need to use your expertise to find better sources, not introduce content into the article base on what you saw in the source code. [[User:Nil Einne|Nil Einne]] ([[User talk:Nil Einne|talk]]) 16:35, 14 May 2017 (UTC)
:Ah, too late: https://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Incidents#Competence.2FWP:OWN_issue_on_ITN_article. The first step of dispute resolution is ''not'' ANI. [[User:Fences and windows|<span style="background-color:white; color:red;">Fences</span>]]<span style="background-color:white; color:#808080;">&amp;</span>[[User talk:Fences and windows|<span style="background-color:white; color:black;">Windows</span>]] 16:37, 14 May 2017 (UTC)
:Ah, too late: https://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Incidents#Competence.2FWP:OWN_issue_on_ITN_article. The first step of dispute resolution is ''not'' ANI. [[User:Fences and windows|<span style="background-color:white; color:red;">Fences</span>]]<span style="background-color:white; color:#808080;">&amp;</span>[[User talk:Fences and windows|<span style="background-color:white; color:black;">Windows</span>]] 16:37, 14 May 2017 (UTC)
::The first step of seeing a duplicate section with unattributed quotes that border WP:PLAGIARISM is to remove the problematic parts. I've done 90% of the work to solve this mess so far by going through all his problematic edits and fixing them. All it takes is for an admin to warn him not to re-insert his 50 retarded edits. You instead try to lecture to an IP about language. You are absurd. You are why experienced users quit Wikipedia. Spend less fucking time on policing the community and more time on helping the actual fucking project. [[Special:Contributions/73.61.20.253|73.61.20.253]] ([[User talk:73.61.20.253|talk]]) 16:42, 14 May 2017 (UTC)


== Technical analysis of worm ==
== Technical analysis of worm ==

Revision as of 16:42, 14 May 2017

Portal listing

I've left a note about the event on the Current Events Portal talkpage. — Sasuke Sarutobi (talk) 16:53, 12 May 2017 (UTC)[reply]

Page title

I propose we move the page to WannaCry ransomware attack (2017). This way, we can leave this page open to be used as an article about WannaCry in general. Gestrid (talk) 18:23, 12 May 2017 (UTC)[reply]

Agreed. Makes sense. Go for it. 109.155.194.215 (talk) 20:12, 12 May 2017 (UTC)[reply]
 Done Went ahead and WP:BOLDly moved the page. Gestrid (talk) 20:48, 12 May 2017 (UTC)[reply]

Splitting of attack/ransomware pages

should there be 2 separate pages about Wannacry and the attack respectively, the page about Wannacry would cover the ransomware only and the attack page would cover the 12th May cyber attack and its fallout / reactions. — Popeter45 21:20, 12 May 2017 (UTC)[reply]

That was my reasoning for moving the page, though I'm not sure if there is enough information out there just yet for a standalone article on just the ransomware itself. Gestrid (talk) 21:25, 12 May 2017 (UTC)[reply]
What about the original phishing mails? How they were worded, etc. They must have been multi-language, and convincing.217.75.18.23 (talk) 08:35, 14 May 2017 (UTC)[reply]

Merge proposal

The following discussion is closed. Please do not modify it. Subsequent comments should be made in a new section. A summary of the conclusions reached follows.
Article merged. Gestrid (talk) 23:13, 12 May 2017 (UTC)[reply]

It seems there's another page about this topic. Do we merge its information to this page? Gestrid (talk) 22:05, 12 May 2017 (UTC)[reply]

Yes, I would go for it. Mz7 (talk) 22:22, 12 May 2017 (UTC)[reply]
No, clearly this contains hoax material, such as the demonstrably false "Many hospitals in Great Britain were closed for months, only treating near-dead patients". Drchriswilliams (talk) 22:35, 12 May 2017 (UTC)[reply]
Please consider your phrasing. It wasn't a hoax, it was simply not correct information. Next time you are welcome to correct errors by editing the article.--Rævhuld (talk) 23:10, 12 May 2017 (UTC)[reply]
There's a reason why {{current event}} says the article may be inaccurate. Gestrid (talk) 23:11, 12 May 2017 (UTC)[reply]
@Drchriswilliams: Thanks for pointing that out. I removed that bit of unsourced content, then redirected the article here. Looks like one section that could be merged has already been merged. Mz7 (talk) 22:44, 12 May 2017 (UTC)[reply]
 Merge complete. Mz7 (talk) 22:44, 12 May 2017 (UTC)[reply]
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

Useful news links

Extended content
  1. https://www.usatoday.com/story/news/world/2017/03/15/cyber-attack-targets-major-twitter-accounts/99199366/
  2. http://timesofindia.indiatimes.com/world/uk/british-hospitals-say-hit-by-suspected-national-cyber-attack/articleshow/58647516.cms
  3. http://www.nato.int/docu/review/2013/Cyber/timeline/EN/index.htm
  4. http://www.zerohedge.com/news/2015-07-08/what-first-world-cyber-war-looks-global-real-time-cyber-attack-map
  5. http://www.nato.int/docu/review/2013/Cyber/timeline/EN/index.htm
  6. http://timesofindia.indiatimes.com/world/uk/british-hospitals-say-hit-by-suspected-national-cyber-attack/articleshow/58647516.cms
  7. https://www.theguardian.com/world/2017/jan/31/czech-cyber-attack-russia-suspected-of-hacking-diplomats-emails
  8. https://www.techopedia.com/definition/24748/cyberattack
  9. https://en.wikipedia.org/wiki/Cyber-attack
  10. http://www.hackmageddon.com/2015/08/10/july-2015-cyber-attacks-statistics/
  11. https://en.wikipedia.org/wiki/WannaCry
  12. https://www.yahoo.com/tech/russias-interior-ministry-says-computers-hit-virus-attack-212133477.html
  13. https://www.investing.com/news/technology-news/suspected-russia-backed-hackers-target-baltic-energy-networks-483145
  14. https://www.bing.com/images/search?q=Reed
  15. http://abc7.com/archive/7659840/
  16. http://www.dailymail.co.uk/news/article-193396/Millions-hit-virus.html
  17. https://home.mcafee.com/virusinfo/global-virus-map?ctst=1
  18. https://cybermap.kaspersky.com/
  19. https://home.mcafee.com/VirusInfo/Threat-Activity
  20. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2765010
  21. http://www.hackmageddon.com/2015/08/10/july-2015-cyber-attacks-statistics/
  22. https://www.forbes.com/sites/thomasbrewster/2017/05/12/nsa-exploit-used-by-wannacry-ransomware-in-global-explosion/#7aee0717e599
  23. http://www.bbc.co.uk/news/health-39899646
  24. http://itlaw.wikia.com/wiki/Computer_Virus_Attacks
  25. https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-what-is-wanacrypt0r-20
  26. https://www.theguardian.com/politics/2017/may/12/15m-oldsters-in-their-graves-could-swing-second-eu-vote-says-ian-mcewan
  27. https://www.theguardian.com/us-news/2017/may/12/donald-trump-threatens-james-comey-fbi-tapes
  28. https://www.theguardian.com/society/2017/may/12/hospitals-across-england-hit-by-large-scale-cyber-attack
  29. https://digital.nhs.uk/article/1491/Statement-on-reported-NHS-cyber-attack
  30. https://motherboard.vice.com/en_us/article/a-massive-ransomware-explosion-is-hitting-targets-all-over-the-world
  31. http://www.bbc.co.uk/news/uk-england-humber-37863949
  32. http://thelincolnite.co.uk/2016/11/delays-still-expected-at-lincolnshire-hospitals-cyber-attack/
  33. https://www.scmagazineuk.com/updated-ransomware-attack-on-40-nhs-trusts-all-over-the-uk/article/658864/
  34. http://thelincolnite.co.uk/2016/11/delays-still-expected-at-lincolnshire-hospitals-cyber-attack/
  35. http://www.bbc.co.uk/news/live/uk-england-lincolnshire-37833078
  36. https://www.scmagazineuk.com/breaking-nhs-trust-crippled-by-cyberattack/article/570117/
  37. http://www.lincolnshirelive.co.uk/disruption-for-patients-as-systems-go-down-at-lincoln-county-hospital-after-massive-nhs-cyber-attack/story-30329254-detail/story.html
  38. https://www.pressandjournal.co.uk/fp/news/aberdeen/828084/nhs-grampian-faces-outbreak-of-cyber-attacks/
  39. https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-what-is-wanacrypt0r-20
  40. http://www.desinerd.co.in/wannacry-ransomware-hits-spain-italy-portugal-russia-and-ukraine/
  41. https://twitter.com/JakubKroustek/status/863045197663490053
  42. https://www.telefonica.com/es
  43. https://www.telefonica.com/es/web/shareholders-investors/calendario?p_p_id=122_INSTANCE_WlzkF2O3JKJf&p_p_lifecycle=0&p_p_state=normal&p_p_mode=view&p_p_col_id=_118_INSTANCE_pJnMvwVf6Mbn__column-2&p_p_col_count=1&p_r_p_564233524_resetCur=true&p_r_p_564233524_categoryId=123453735%2C311118
  44. http://www.nhs.uk/pages/home.aspx
  45. https://twitter.com/nhs
  46. http://www.nhsonline.org/
  47. https://uk.news.yahoo.com/u-k-national-health-hit-153708430.html
  48. https://www.theguardian.com/society/2017/may/12/hospitals-across-england-hit-by-large-scale-cyber-attack
  49. https://www.theguardian.com/world/2017/may/12/popularity-of-sushi-has-brought-rise-in-parasitic-infections-warn-doctors-anisakiasis
  50. https://www.theguardian.com/politics/live/2017/may/12/general-election-2017-no-more-handholding-trump-corbyn-politics-live
  51. http://www.ibtimes.co.uk/telefonica-hack-ransomware-attack-internal-network-forces-computer-shut-down-1621350?utm_source=yahoo&utm_medium=referral&utm_campaign=rss-related&utm_content=/rss/yahoous/news
  52. http://www.ibtimes.co.uk/nhs-cyberattack-ransomware-assault-paralyses-uk-hospitals-putting-thousands-risk-1621375
  53. http://www.bbc.co.uk/news/health-37186455
  54. http://www.bbc.co.uk/news/health-39899646
  55. http://www.bbc.co.uk/news/world-europe-39870460
  56. https://www.theguardian.com/society/2017/may/12/hospitals-across-england-hit-by-large-scale-cyber-attack
  57. https://uk.news.yahoo.com/telef-nica-hack-ransomware-attack-131624307.html
  58. http://ex.ibt.uk/tv/promotion?utm_source=ibtimes&utm_campaign=ibtuk&utm_medium=IBT
  59. http://www.ibtimes.co.uk/3d-printing-future-f1-racing-1615985
  60. https://finance.yahoo.com/news/spanish-companies-hit-ransomware-cyber-132052215.html
  61. http://www.bbc.co.uk/news/health-39899646
  62. https://www.theguardian.com/society/2017/may/12/hospitals-across-england-hit-by-large-scale-cyber-attack
  63. https://teiss.co.uk/2017/05/12/telefonica-ransomware-attack-employees-asked-pull-plug-computers/
  64. http://www.bbc.co.uk/news/health-39899646
  65. https://www.nytimes.com/2016/12/14/technology/yahoo-hack.html?_r=0
  66. http://www.bbc.com/news/technology-38934822
  67. http://www.zdnet.com/article/nomx-the-most-secure-email-service-can-be-easily-hacked/
  68. https://www.infosecurity-magazine.com/news/nomx-researchers-defend-unfair-test/
  69. https://www.scmagazineuk.com/updated-nomx-secure-email-server-challenged-by-british-researchers/article/653222/
  70. http://www.msn.com/en-sg/money/technology/massive-cyber-attack-grinds-liberias-internet-to-a-halt/ar-AAjSeBP
  71. http://www.telegraph.co.uk/technology/2016/11/04/unprecedented-cyber-attack-takes-liberias-entire-internet-down/
  72. https://www.theguardian.com/technology/2016/nov/03/cyberattack-internet-liberia-ddos-hack-botnet
  73. http://www.telegraph.co.uk/technology/2016/11/04/how-a-cyber-attack-could-sabotage-the-us-election/
  74. http://europe.newsweek.com/hackers-take-down-liberias-internet-series-cyberattacks-517141?rm=eu
  75. http://www.telegraph.co.uk/technology/2016/11/04/how-a-cyber-attack-could-sabotage-the-us-election/
  76. http://www.rappler.com/technology/news/151338-cyber-attack-disrupts-internet-liberia
  77. http://www.nst.com.my/news/2016/11/186023/huge-cyber-attack-disupts-internet-liberia
  78. http://themarketghana.com/news/technology/12784/Massive_CyberAttack_Grinds_Liberias_Internet
  79. https://amp.theguardian.com/technology/2016/oct/22/cyber-attack-hackers-weaponised-everyday-devices-with-malware-to-mount-assault
  80. https://www.cnbc.com/amp/2016/10/21/major-websites-across-east-coast-knocked-out-in-apparent-ddos-attack.html
  81. http://www.onenewspage.com/video/20161021/5839140/FBI-Is-Investigation-Cyber-Attack-on-Internet-Infrastructure.htm
  82. http://www.41nbc.com/2016/10/24/cyber-attacks-now-closer-to-your-home-than-ever/
  83. http://finance.yahoo.com/news/companies-urged-multiple-vendors-wake-014037572.html;_ylt=AwrBT9YN.w1Yq.gA02NXNyoA;_ylu=X3oDMTEyaHZjYzhtBGNvbG8DYmYxBHBvcwMxBHZ0aWQDQjE4NzlfMQRzZWMDc2M-
  84. http://www.nbcnews.com/tech/security/amp/internet-outage-shows-how-sophisticated-attacks-can-target-your-home-n671561
  85. https://www.yahoo.com/tech/twitter-spotify-disrupted-internet-provider-reports-attack-131047632.html
  86. http://www.pcmag.com/article2/0,2817,2396611,00.asp
  87. http://www.theregister.co.uk/2014/08/27/nowegian_oil_hack_campaign/
  88. https://nakedsecurity.sophos.com/2014/08/28/massive-cyber-attack-on-oil-and-energy-industry-in-norway/
  89. http://www.scmagazineuk.com/hundreds-of-norwegian-energy-companies-hit-by-cyber-attacks/article/368539/
  90. http://www.csoonline.com/article/2599258/cyber-attacks-espionage/50-norweigian-oil-companies-suffer-cyber-attack.html
  91. http://www.digitaljournal.com/internet/anonymous-norway-claim-massive-cyber-attack-on-norwegian-banks/article/389030
  92. https://www.yahoo.com/tech/twitter-netflix-slow-return-reported-163619988.html
  93. http://www.thenational.ae/uae/technology/uae-is-vulnerable-to-cyber-attacks
  94. https://www.yahoo.com/tech/twitter-spotify-disrupted-internet-provider-reports-attack-131047632.html
  95. http://baltimore.cbslocal.com/2016/10/22/cyber-attack-affects-major-websites-culprit-still-to-be-named/
  96. https://www.yahoo.com/tech/twitter-spotify-disrupted-internet-provider-reports-attack-131047632.html
  97. http://baltimore.cbslocal.com/2016/10/22/cyber-attack-affects-major-websites-culprit-still-to-be-named/
  98. http://www.foxnews.com/tech/2016/10/21/major-disruptions-online-as-cyber-attack-hits-internet-services-company.html
  99. http://baltimore.cbslocal.com/2016/10/23/baltimore-city-officer-does-the-juju-on-that-beat-dance/?e=mPHwhqydQAK1LA
  100. http://baltimore.cbslocal.com/2016/10/21/big-questions-after-cyber-attacks-cripple-east-coast/?e=lKbN-K*JDwCUXw
  101. http://baltimore.cbslocal.com/2016/10/21/naval-academy-to-break-ground-for-new-cybersecurity-building/?e=lKbN-K*JDwH4RQ
  102. https://www.ready.gov/cyber-attack
  103. https://www2.fireeye.com/PPC-security-predictions-for-2016-threat-research.html?utm_source=google&utm_medium=Security_Predictions_2016&utm_keyword=cyberattacks&utm_campaign=General
  104. http://www.nbcnews.com/tech/security/cyber-attack-power-grid-could-cost-1-trillion-report-n388581
  105. https://www.yahoo.com/tech/twitter-spotify-disrupted-internet-provider-reports-attack-131047632.html
  106. http://www.reuters.com/article/us-usa-cyber-idUSKCN12L1ME
  107. https://www.yahoo.com/tech/twitter-spotify-disrupted-internet-provider-reports-attack-131047632.html
  108. https://en.wikipedia.org/wiki/Dyn_(company)
  109. https://en.wikipedia.org/wiki/Dyn_(company)#Distributed-Denial-of-Service_attack
  110. http://www.tech.com.pk/2016/10/waves-cyber-attacks-hit-netflix-spotify-twitter.html
  111. http://www.bbc.co.uk/news/technology-37728015
  112. https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/
  113. http://www.theverge.com/2016/10/21/13362354/dyn-dns-ddos-attack-cause-outage-status-explained
  114. http://www.informationsecuritybuzz.com/hacker-news/__trashed-2/
  115. http://europe.newsweek.com/hackers-take-down-liberias-internet-series-cyberattacks-517141?rm=eu
  116. http://www.bbc.co.uk/news/technology-37859678
  117. https://krebsonsecurity.com/2016/11/did-the-mirai-botnet-really-take-liberia-offline/
  118. http://www.information-age.com/liberias-internet-hacked-123463064/
  119. http://www.myrtlebeachonline.com/news/nation-world/world/article112624328.html
  120. https://metroble.com/news/no-hackers-apparently-didnt-take-down-the-entire-liberian-internet#.WCrIfhqLTcs
  121. https://www.theguardian.com/technology/2016/nov/03/cyberattack-internet-liberia-ddos-hack-botnet
  122. http://www.bbc.co.uk/news/technology-37859678
  123. https://krebsonsecurity.com/2016/11/did-the-mirai-botnet-really-take-liberia-offline/
  124. http://allafrica.com/stories/201611081145.html
  125. https://fronteranews.com/news/africa/kenya-fears-an-even-bigger-cyber-attack-is-coming/
  126. https://www.yahoo.com/tech/russias-interior-ministry-says-computers-hit-virus-attack-212133477.html
  127. https://www.investing.com/news/technology-news/suspected-russia-backed-hackers-target-baltic-energy-networks-483145
  128. https://www.bing.com/images/search?q=Reed
  129. http://abc7.com/archive/7659840/
  130. http://itlaw.wikia.com/wiki/Computer_Virus_Attacks
79.77.211.89 (talk) 23:04, 12 May 2017 (UTC)[reply]

Technical details

Technical details - https://www.symantec.com/connect/blogs/what-you-need-know-about-wannacry-ransomware — Preceding unsigned comment added by Abhishikt (talk • contribs) 00:06, 13 May 2017 (UTC)[reply]

Background

We might edit the section title to something more suitable? And if someone please could proof read it? I wrote the section, and I don't know if I got something wrong there?--Rævhuld (talk) 23:06, 12 May 2017 (UTC)[reply]

Kaspersky Lab note

Why is this in here, it literally has nothing to do with the content of the article? Sephiroth storm (talk) 02:33, 13 May 2017 (UTC)[reply]

Agreed: the only mentions of the two together that I can find online are quotes from KL on the threat and its remediation, and some news articles saying that they were the first to announce the threat. Conflating that with other political issues to do with Russia is misleading, or WP:Synthesis at best. Uncle Roy (talk) 02:39, 13 May 2017 (UTC)[reply]

Stopped the virus spread

'Accidental hero' finds kill switch to stop spread of ransomware cyber-attack https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack Can we place this in the article. Sherenk1 (talk) 04:48, 13 May 2017 (UTC)[reply]

Is now included. Snori (talk) 10:42, 13 May 2017 (UTC)[reply]
Malwarebytes is reporting that the "killswitch" won't work on the many corporate networks that access the internet through a proxy: https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r (There's some debate in the comments though and the original source blog says they haven't tested it in a VM, so it might be fair to wait for confirmation of this.) See also: https://blog.didierstevens.com/2017/05/13/quickpost-wcry-killswitch-check-is-not-proxy-aware/ --Thomas Btalk 17:09, 13 May 2017 (UTC)[reply]
@Thomas B: We can't use blogs as sources per WP:BLOGS. They generally don't have as much, if any, editorial oversight as news websites do. This is even true for blogs run by news websites such as, for example, Fox News Insider. Gestrid (talk) 19:56, 13 May 2017 (UTC)[reply]
@Gestrid: Thanks Gestrid. Don't worry, I wasn't recommending we do so. I was adding information to the talk thread that may be of use to those seeking more information while we await more substantial verification. But for the record, you seem to be misstating the policy on blogs, which are sources that should be used with care (just never used for living persons). Remember, "The appropriateness of any source depends on the context." Peer reviewed sources are the best sources, so if multiple independent security researchers comment on each others' work through cross-referenced blog posts with actual code samples that are subject to easy independent verification, then that may merit inclusion. The Guardian's process for verification of a quick moving story on a highly technical subject involves asking a few people at a single point in time, so it may not produce the same level of reliable content. Remember, the goal of WP:SOURCES is reliability and verifiability. The heuristic of preferring journalistic sources over blogs is just a heuristic, and there may be special cases that break that rule. This may be one such case, maybe not. But there is certainly no hard and fast prohibition on blogs, or even blogs run by newssites, which WP:SOURCES even explains how to reference. --Thomas Btalk 23:05, 13 May 2017 (UTC)[reply]

Could you add an explanation why the kill switch {what mean unplugging the comp from power line } is not working. The personal yps devices era designed so the lame victims (aka customer or user ) can not power off they attachments. There is no way to remove the battery and the turn off button is merely pp fake for peace of mind decoration. This was visible by netmonitoring (eg wireshark's taps) years ago where believed turn off devices exchanged to Mbase encrypted packets //and this is so manufactured day to day operation. [knwnxample:= the turn off tv verting spk to mik] — Preceding unsigned comment added by 99.90.196.227 (talk) 09:40, 14 May 2017 (UTC)[reply]

Wikileaks?

Someone named Kurt Knutsson who was on Fox Business blamed it on last month's Wikileaks document "dump"--perhaps this should be mentioned in this article, if there is an RS.Zigzig20s (talk) 07:49, 13 May 2017 (UTC)[reply]

No. The KK chap is misinformed. It's surreal and confusing, but attack toolkits from both the CIA and the NSA have been leaked recently. The ones Wikileaks leaked were the CIA's. Snori (talk) 10:38, 13 May 2017 (UTC)[reply]
No. Fox News is not a reliable news agency.--Rævhuld (talk) 12:21, 13 May 2017 (UTC)[reply]
What absolute rubbish. They are as reputable as any other major news network. HammerFilmFan (talk) 04:58, 14 May 2017 (UTC)[reply]
Fox News is citable like any other news agency. Not all commentary meets the criteria to be cited, but please do not spread misinformation. Fox News is cited throughout Wikipedia. Whamper (talk) 14:48, 13 May 2017 (UTC)[reply]
I was asking for an RS anyway. Not a TV interview. But I provided the youtube link to show where I heard the info (I didn't make it up). Are there RS which deny the info please?Zigzig20s (talk) 18:37, 13 May 2017 (UTC)[reply]

"We will have free events for users who are so poor that they couldn't pay in 6 months" ?

What is the significance of that? 80.140.197.186 (talk) 10:34, 13 May 2017 (UTC)[reply]

Blather. If you trust malware authors, and if you can wait 6 months, they *might* give you a decryption key. Not much comfort there. Snori (talk) 10:41, 13 May 2017 (UTC)[reply]
above POV? 6m this is the estimated time the agency need for transfer all users data to central storage and not too overload available links. the spook/zbuk deceive humane. dont be fooled see who designed it in first place. — Preceding unsigned comment added by 99.90.196.227 (talk) 09:54, 14 May 2017 (UTC)[reply]

Russian ministries

Just deleted this from the intro. If three Russian ministries avoided being infected by "repulsing" the attack, why is it news? In fact the references (when translated) say that "the servers were not infected because they run 'a different operating system'", and at the Ministry of Internal Affairs the attack, "was localized, no leakage of information occurred" - the same could, and was, said of the NHS. Snori (talk) 19:36, 13 May 2017 (UTC)[reply]

Map image

I added this. Feel free to remove it if you feel it doesn't add much to the article. It wasn't much effort to make or upload. Anna Frodesiak (talk) 21:10, 13 May 2017 (UTC)[reply]

affected is systems

Is it just Microsoft that is having issues with this, or are apple and ibm and other computer groups experiencing this same issue? Also, is it safe to go online with a Microsoft machine right now? I have mine physically disconnected from the internet line when I am not there to use it with this exact situation in mind, but I have no idea how to check and see if I have the patch needed to keep my machine uninfected. 2600:1011:B018:196E:3925:4863:EC2:A9C8 (talk) 23:42, 13 May 2017 (UTC)[reply]

It's a Windows problem. If Apple or IBM computers are running Windows, they're vulnerable. - Nunh-huh 00:14, 14 May 2017 (UTC)[reply]

Rename

To WannCry cyber attack, as most readers are unfamiliar with "ransomware". fgnievinski (talk) 23:38, 13 May 2017 (UTC)[reply]

@Fgnievinski: I've created a redirect at WannaCry cyber attack. If you want to start a move request, take a look at WP:RM. All the instructions are there. Anarchyte (work | talk) 05:53, 14 May 2017 (UTC)[reply]
As no objections had been raised, I conclude the proposal was non-controversial, so I took the liberty of going ahead with it. fgnievinski (talk) 06:48, 14 May 2017 (UTC)[reply]

University of Waterloo?

Cite note doesn't work... — Preceding unsigned comment added by 2607:FEA8:4EE0:784:EDF1:D58A:EA07:1855 (talk) 07:53, 14 May 2017 (UTC)[reply]

doesn't work: D0 you mean they didn't send BT yet? — Preceding unsigned comment added by 99.90.196.227 (talk) 09:44, 14 May 2017 (UTC)[reply]

Article was seriously harmed

There has been a massive amount of amateurish/incorrect edits made by one user, User:GliderMaven, over the past day. The user made no attempt at talk page discussion nor collaboration, and unfathomably reverted legitimate edits by other users on at least one occasion.

These are examples of edits that blatantly fall under WP:OR or WP:SYNTH:

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780294423

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780317291

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780318804

These edits are factually incorrect or misleading:

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780194041 (this incorrectly identifies one person as "researchers", etc.)

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780294423 (this contains a sheer fabrication)

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=780317291&oldid=780316995 (would be WP:OR if this is true, but it isn't even true if you actually look at the data)

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=780321147&oldid=780320163 (these two are overlapping)

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=780323500&oldid=780323351 (incorrect interpretation of phishing)

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780322912 (the edit summary also makes zero sense)

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780324990 (this is uncited/OR, and is technically confusing, and is probably incorrect, depending on your interpretation. In any case, it's clear he doesn't understand the relationship between phishing attack and antivirus software.)

These are attempts to improve grammar/prose that are grammatically incorrect or very awkward:

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780293149

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=780338512&oldid=780338198

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780295658 ("registering for a DNS sinkhole" does not make technical sense either)

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780292481 ("may be a bug whose code..." - again, both grammatically and technically incorrect)

These are other edits that are contrary to WP:MoS and usual practice:

https://en.wikipedia.org/w/index.php?title=WannaCry_cyber_attack&diff=prev&oldid=780319655

A number of other edits are attempts to adjust his own copyedit oversights, such as this edit. I haven't included mistakes that had been corrected by himself and other users, but there is a decent number of these, as some other editors can testify.

Finally, the user also made a bizarre attempt to swap a content section with a paragraph in the lede. He then reverted back 5 edits, including his own, and added back some of the content himself It's not clear if this is a good faith attempt followed by bad editorial practice, or if he has an issue with WP:OWN and is trying to camouflage other edits as his own.

Otherwise, this is a clear case of a user with good faith who doesn't meet WP:CIR. The user is not familiar with basic WP:MoS guidelines. The user evidently does not possess the minimum competency to be altering technical information for a front page article. The user is also likely ESL or has poor verbal fluency.

I have painstakingly tried to reverse most of these problematic edits while retaining some legitimate contributions. Please help keep track, and please correct me if I've accidentally removed legitimate changes. 73.61.20.253 (talk) 13:20, 14 May 2017 (UTC)[reply]

Adding a note: while working on reverting these edits, I've noted that the user has basically duplicated three paragraphs and created an extra section with it. This was disguised by a large number of edits (and other users trying to correct/improve on his edits), but the article as-is made zero logical sense. I've made some quick deletions due to how absurd it was. Again, please correct/amend if anything was accidentally removed. 73.61.20.253 (talk) 14:06, 14 May 2017 (UTC)[reply]
Your rewriting seemed more factual and clearer, although it was reverted based on the fact you are an anonymous user. Not sure what to do, but I don't wanna feed any troll... Psadm (talk) 15:02, 14 May 2017 (UTC)[reply]
The correct thing to do is to follow WP:MoS, and to remove the duplicate section that additionally fringes on unattributed copy-and-pasting (i.e. plagiarism) from a front page article. I've taken this incident to WP:ANI, hopefully someone with more time on their hands can deal with the problem user. You should chime in.
You're not worried about feeding a troll, you're worried about picking a correct but tedious fight against an incompetent user. Instead you decided to edit war with him on a sourcing issue (that you are completely, and obviously, correct on) while ignoring a number of extremely poor edits he made elsewhere. This is a way too passive approach.73.61.20.253 (talk) 15:27, 14 May 2017 (UTC)[reply]
With all due respect I am a very experienced computer professional, and I do understand the nuances of this, where apparently you don't 73.61.20.253. Where you're claiming OR, I actually read the articles and understood them, whereas you're taking them completely at face value. All of the sources you've read summarise and oversimplify things, whereas I've actually looked at pieces of the code and so forth. The evidence we have is that it's mostly spreading as a worm by the SMB protocol, but it's believed to also spreading via phishing at lower incidences; the code base was modified from a phishing attack, and that code is still believed to be operational; you removed all information about the nature of the attacks from the article, including many, many references.GliderMaven (talk) 15:11, 14 May 2017 (UTC)[reply]
I agree that "it is believed" that the infection may have come from a phishing campaign, although no evidence have been found. It is worth mentioning that this is what some might believe, but wikipedia should remain neutral and not states what some people believe as actual facts. The thing is, in its known form the worm is actually able to infect computer remotely, and I cited several articles showing that the number of vulnerable computers directly facing the internet is in the hundreds of thousands. Let's see what was the initial vector, but from what is known, phishing is the least likely explanation, thus wikipedia should not serve it as a fact. Psadm (talk) 15:20, 14 May 2017 (UTC)[reply]
Except that that's the position of the professionals., and I don't mean me. The point of Wikipedia is to include the opinion of the professionals. Note that the IP who is (essentially) vandalising the article removed even the fact that it's a computer worm. Right?GliderMaven (talk) 15:24, 14 May 2017 (UTC)[reply]
As a professional myself, this is not my position, to be honest. I agree that the edit was a bit rough and may have unnecessarily removed some correct parts. Although I am confident that if the initial vector was phishing, we would have known by now. Psadm (talk) 15:28, 14 May 2017 (UTC)[reply]
'A bit rough' is kind of understating it.
For epidemiological reasons the infections found so far in the wild would be completely dominated by the fast reproducing worm. And the researchers know beyond all reasonable doubt how the code was derived; the wanna-crypt type codebase has been around for quite a while but without the EternalBlue attack payload.GliderMaven (talk) 15:53, 14 May 2017 (UTC)[reply]
You don't seem to understand that EternalBlue is a remote (as in remotely, from far away, exploitable) exploit. 73.61.20.253 is right on both things, you are utterly incompetent and I am way too passive. Anyway, I an done for today but keep in mind that you are the kind of contributor that makes people believe wikipedia is not a credible source. Psadm (talk) 16:05, 14 May 2017 (UTC)[reply]
GliderMaven, you have an extremely limited familiarity on the subject. Please defer to expert users such as ^. Please also address the plagiarism issues and other egregious WP violations before re-inserting your edits, either here or in ANI. 73.61.20.253 (talk) 15:35, 14 May 2017 (UTC)[reply]
Uh huh. Did you even know it's spreading as a worm? You removed that fact from the article? How about you don't make large scale changes to the article like that without confirming that here, and then start swearing at other editors?GliderMaven (talk) 15:53, 14 May 2017 (UTC)[reply]
Please try Wikipedia:Dispute resolution and tone down the rhetoric. Swearing in a section heading is not OK. You might try asking for help from the various relevant WikiProjects. I don't know who might be right in this dispute, but I wanted to comment on this: "Where you're claiming OR, I actually read the articles and understood them, whereas you're taking them completely at face value. All of the sources you've read summarise and oversimplify things, whereas I've actually looked at pieces of the code and so forth." Actually, that does sound like original research. You need to be very careful not to add your own conclusions and ideas into the article. Expertise can be useful in finding and assessing sources, but sometimes it also stands in the way of neutral writing. Fences&Windows 16:32, 14 May 2017 (UTC)[reply]
Yeah I don't want to get into this dispute but I came to check because of ANI and noticed the same thing and was about to say something similar. Making conclusions from the code is WP:OR, so the fact that you've looked at the code doesn't actually help us much. We need to rely on reliable secondary sources. I understand it can be frustrating when the sources seem to be wrong or oversimplified, but you need to use your expertise to find better sources, not introduce content into the article base on what you saw in the source code. Nil Einne (talk) 16:35, 14 May 2017 (UTC)[reply]
Ah, too late: https://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard/Incidents#Competence.2FWP:OWN_issue_on_ITN_article. The first step of dispute resolution is not ANI. Fences&Windows 16:37, 14 May 2017 (UTC)[reply]
The first step of seeing a duplicate section with unattributed quotes that border WP:PLAGIARISM is to remove the problematic parts. I've done 90% of the work to solve this mess so far by going through all his problematic edits and fixing them. All it takes is for an admin to warn him not to re-insert his 50 retarded edits. You instead try to lecture to an IP about language. You are absurd. You are why experienced users quit Wikipedia. Spend less fucking time on policing the community and more time on helping the actual fucking project. 73.61.20.253 (talk) 16:42, 14 May 2017 (UTC)[reply]

Technical analysis of worm

See The worm that spreads WanaCrypt0r Esowteric+Talk 16:04, 14 May 2017 (UTC)[reply]

source: https://en.wikipedia.org/w/index.php?title=Talk%3AWannaCry_cyber_attack&type=revision&diff=780368101&oldid=780367596

Leave a Reply