Yeay. @malwaretechblog sinkholed the kill-switch domain—attackers had help pages in many languages but didn't register their #@! domain.
-
-
Replying to @zeynep @MalwareTechBlog
This should stop the spread but none of this was guaranteed—there was a hard-coded kill-switch domain, and someone could get to it sooner.
2 replies 1 retweet 10 likes -
Replying to @zeynep
zeynep tufekci Retweeted Marcus Hutchins
Also, people, patch your systems, disable SMB unless you need it. Vulnerability isn't dead, just this incarnation.https://twitter.com/MalwareTechBlog/status/863191272969973760 …
zeynep tufekci added,
3 replies 13 retweets 7 likes -
Replying to @zeynep
zeynep tufekci Retweeted Matthew Olney
Some stuff points to this, but the live chat? Extensive help? Also hit Russia hard.https://twitter.com/kpyke/status/863203603615494144 …
zeynep tufekci added,
3 replies 4 retweets 7 likes -
Replying to @zeynep
zeynep tufekci Retweeted
Microsoft FINALLY gave XP patch to all, not just folks paying $$$$ for custom XP support. Could have done in March. https://twitter.com/josephfcox/status/863323401376735232 …
zeynep tufekci added,
This Tweet is unavailable.1 reply 22 retweets 16 likes -
Replying to @zeynep
Also this is why it was wrong a million ways to try to force Apple to use software updates to break into the San Bernardino attacker phone.
2 replies 4 retweets 22 likes -
Replying to @zeynep
This problem isn't what's reported in most coverage—NSA finds vulnerabilities. Everyone finds vulnerabilities. Problem is updates/patches.
1 reply 2 retweets 13 likes -
Replying to @zeynep
PS. I did write why forcing Apple to misuse updates was unacceptable—because of this scenario. I kid you not, got lost in NYT spam filter.

2 replies 2 retweets 15 likes -
Replying to @zeynep
NSA vulnerabilities question is important, but not the way most think. I think the key is how much NSA is offense vs defense oriented.
2 replies 1 retweet 8 likes -
Replying to @zeynep
Let me go write all this in long-form! My hope is that this may be a wake-up call; it is quite likely that people died because of WCry.
2 replies 3 retweets 15 likes
But practically: This method isn't dead; just this incarnation had a kill switch we were lucky enough to be able to use. PATCH AND UPDATE.
-
-
Replying to @zeynep
One question to infosec Twitter: My understanding is that Microsoft XP custom support customers had this patch in March. Any dispute?
3 replies 3 retweets 4 likes -
Replying to @zeynep
Saw this on Hacker News and thought it was a compelling argument about why patching is hard. https://www.cs.columbia.edu/~smb/blog/2017-05/2017-05-12.html …
0 replies 2 retweets 1 like
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.