this post was submitted on 08 Mar 2026
701 points (99.3% liked)
Technology
82488 readers
3517 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Encryption alone won't prevent ransomware to encrypt it again. The original files need to be readable after all, so they are either unencrypted at boot or appear unencrypted to the (infected) client by machine/session key management. Nevertheless, adding an addittional, ""hostile" encryption layer will make them unreadable. The reasonable thing would be not to use a monocultural, standard setup that is known to be vulnerable to that kind of attack and first of all to get rid of fucking Outlook which has always been a dumpster fire.
Oh man, I always thought if your drive was already encrypted that a hostile actor couldn't encrypt it for ransomware. I don't know where I read that but it was a long time ago and I guess someone lied to me, but it's whatever.
So what's the vulnerability that would be exploited, something about using the swap space to get into the encrypted drive? Or does the attack apply to the outside of the container? I'm curious cause I'm working on hardening my own system currently and I want to make sure I'm not leaving any gaps in my blind spots