Why ransomware viruses still exist?

This is an Operating Systems question.

Ransomware is a type of computer virus that encrypts files in an operating system in the background, then it pops-up a message asking for money in order to get the decryption key.

An operating system has measures that prevent unauthorized actions by a program. For example, any file you create as an admin on a Win PC has default permissions that allow the file to be edited by System and by Admin (you). That’s it.

I would assume that a modern OS will not allow a random program edit files without explicit permission or explicit permission-setting changes, especially if it’s a deamon program that is requesting to change a file. So why Ransomware still exists? Are modern Operating Systems that bad in terms of security that a write sys-call from a random process can actully re-write any User file? If that’s the case, isn’t that a poor design choice? I struggle to understand how a computer program, without getting explicit permission, is able to do irreversible damage to an operating system. Why won’t OS developers just make files locked to programs by default, s.t. admin permission is asked first in an explicit way? It just doesn’t fit in my mind that it’s that easy to lock someone’s files.

submitted by /u/AManHere
[link] [comments]

June 19, 2022
Read More >>