Saw the news about the recent ransomware outbreaks, and I’m just wondering on SAFENet, what if a malicious app disguise itself as a good one, and lure users to run it, then encrypt all user’s data and ask for some bitcoins? Is there anyway to prevent that from happening? Or is there some network features built-in that will totally nullify threats like that at all?
1 Like
All immutable data is unchangeable.
So basically just revert to previous version of the file and all is good again.
The issue maybe with MD (mutable data), but only data that is changeable, since MD includes append (unchangeable) and MDs owned by others that you can add to.
Also it has to have the required permissions to change data that is not associated with that APP.
So any ransomware is very limited in what it can do
That is my understanding of the current proposed storage system
5 Likes
Oh and I forgot the changes to files require spend of PUT balance to store the ransomware changed/encrypted data and often will be noticed when network asks for either permission to spend PUT balance or to spend a coin to buy more PUT balance
1 Like
Thanks for the quick replies.
Just wanted to be clear, so you are saying even if some virus can change/encrypt my data, but it still needs to spend my account. So as long as I don’t leave too many coins in my wallet, I’ll be notified low balance if something’s happening. And there’s no way for the virus to specify another account to spend. Is that correct?
Yes, any PUTs done by your account or APP you run on your account has to pay to PUT data
Yes. While the spend a coin to buy PUT Balance is yet to be programmed the idea is to either ask for every coin spent or have a kitty of coins that can be used without asking for spending to buy PUT Balance. Basically, you should not need to have no coins in the wallet, just no coins in kitty for spending on resources.
Well no. If your put balance had enough in it then the malware could copy itself to public file space and be available for downloads elsewhere. They can still store themselves on a USB if you have one attached. They could mail themselves to your known contacts (if there is a contacts file/list stored). This assumes there is enough PUT balance to do this.
I suppose that the advantage is that malware has a smaller attack surface and the permissions system will reduce this even further. But the threat is still there and the common sense things like don’t run unknown APPs and get APPs that many others have confirmed as good.
One other advantage (and a big one) is that your APPs you use will be unchangeable since immutable data cannot be changed. Only time changes occur is when you go to a new version of the APP which obviously is a new file (new immutable chunks). Virus checkers can help here to test the new version before you run it.
I suppose the answer is NO we still have to be very cautious of malware/virus, but their ability to cause problems is reduced somewhat and maybe in future iterations a VM will be created that allows APPs to be run in a sandbox mode without hindering its usefulness but allows identifying of misbehaving APPs before wrecking havoc.
1 Like