Re: Creating effective RansomWare with EME

> On Jun 20, 2016, at 22:50 , Aaron Zauner <azet@azet.org> wrote:
> 
> 
>> On 20 Jun 2016, at 23:10, David Singer <singer@apple.com> wrote:
>> 
>> Isn’t the essence of RansomWare that it relies on installing something?  Is there an installation step in EME, or is it, as defined, an API to a pre-existing module on the client-side?
> 
> I think the essence is that it encrypts data valuable to the user and only offers a decryption key once the user pays a ransom.


Not quite; it executes unwanted code on the host machine to take ownership (‘steal’) data that is not owned by the author of said code and then demands money before it will return said data.

I’m still not seeing how EME can play a part in this.


David Singer
Manager, Software Standards, Apple Inc.

Received on Tuesday, 21 June 2016 11:52:52 UTC