Hacker News
by blisterpeanuts 3886 days ago
The FBI should always advise companies never to pay ransoms. It's the only way to stop it. The Bureau doesn't care if a company or individual loses data. They do care about crime, and the only logical way to stop a class of crime is to remove all financial incentive.

Whoever is advising people to "just pay the ransom" is a fool.

2 comments

No matter what the FBI says, ransomware is going to continue until vendors ship systems that are secure enough to prevent ransomware by default.

Meanwhile, "don't pay the ransom" is not an honest answer to "what's the best thing for me to do now that I'm infected".

"Don't pay the ransom" is just the first sentence. The rest of the paragraph would be: "Restore your data from backups, and have an IT professional come in and remove the malware if it's also on the backup."

Just telling people to pay the ransom is idiotic. It actually leaves the malware in place, and what guarantee is there that they won't be blackmailed again the next day?

Is it possible for vendors to ship a system like this that would also allow for users to encrypt their entire hard drives? Maybe it would be something like OS X firmware lockdown, but that is less convenient and takes away a lot of the options for the user.

Is this an either/or scenario?

Lots of vendors ship encrypted hard drives. Some of them are even almost secure.

Or are you asking can a vendor prevent a compromised user account from installing PGP and encrypting everything? Probably not very well.

Next up, FBI will say you should negotiate with the terrorists.

From removing advice that you should encrypt your data, to arguing for backdoors, to advising that you should pay ransoms, Comey has been a complete buffoon.

This has fuck-all to do with James Comey. You might as well blame Obama, or Ban Ki-moon.