best way to ensure './' is at beginning of sys.path?

Chris Angelico rosuav at gmail.com
Sun Feb 5 17:26:40 EST 2017


On Mon, Feb 6, 2017 at 9:07 AM, Steve D'Aprano
<steve+python at pearwood.info> wrote:
> As far as "regular backups", well, you're just not thinking deviously
> enough. If I were to write a ransomware application, running as the regular
> user, I would have the application encrypt files and emails just a few at a
> time, over a period of many weeks, gradually increasing the rate. By the
> time the victim has realised that their files have been encrypted, their
> backups have been compromised too: you can restore from backup, but you'll
> be restoring the encrypted version.
>

If you commit everything to git and keep an eye on your diffs before
you push, the encryption would have to be _extremely_ sneaky. For
starters, it'd have to infect the 'git' command, so it has all the
same protections other people have been talking about. It'd need to
somehow make the SHA1s match, or else simultaneously infect my system
and wherever I'm pushing to (which is sometimes GitHub and sometimes
my own server). So the first thing is to infect everyone's git so it
accepts the corrupted files as well as the correct ones... AND it has
to still be able to show diffs, or I'd notice it very quickly.

Is that still frightening complacency?

ChrisA
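
The check described in the message above, as an added example that is not part of the original post: git names each file's content by a SHA-1 over a `blob <size>\0` header plus the bytes, so any rewritten file gets a new id and shows up as changed. The entropy threshold, the function names and the sample data are assumptions made for illustration.

```python
import hashlib
import math
from collections import Counter


def git_blob_id(data: bytes) -> str:
    """Object id git assigns to file content: SHA-1 over 'blob <size>\\0' + data."""
    return hashlib.sha1(b"blob %d\x00" % len(data) + data).hexdigest()


def entropy_bits_per_byte(data: bytes) -> float:
    """Shannon entropy; ciphertext sits near 8.0, source code and prose well below."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def review_changes(committed: dict, worktree: dict, threshold: float = 7.0) -> dict:
    """Compare working-tree content against committed blob ids.

    committed: path -> blob id recorded at the last commit
    worktree:  path -> current file bytes
    Returns path -> 'unchanged' | 'modified' | 'suspicious' (modified, high entropy).
    """
    report = {}
    for path, data in worktree.items():
        if git_blob_id(data) == committed.get(path):
            report[path] = "unchanged"
        elif entropy_bits_per_byte(data) >= threshold:  # threshold is an assumption
            report[path] = "suspicious"
        else:
            report[path] = "modified"
    return report


# Constructed sample data: two text files, one later replaced by stand-in ciphertext.
NOTES = b"meeting notes: ship the release on Friday\n" * 20
CODE = b"def main():\n    print('hello')\n" * 20
COMMITTED = {"notes.txt": git_blob_id(NOTES), "app.py": git_blob_id(CODE)}
# Concatenated hash output stands in for encrypted bytes (not a real cipher).
FAKE_CIPHERTEXT = b"".join(hashlib.sha256(b"k%d" % i).digest() for i in range(64))
WORKTREE = {"notes.txt": FAKE_CIPHERTEXT, "app.py": CODE + b"# small edit\n"}

if __name__ == "__main__":
    for path, verdict in review_changes(COMMITTED, WORKTREE).items():
        print(f"{verdict:10} {path}")
```
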


