Conversation

Notices

1. Embed this notice
   Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Apr-2026 05:35:49 JST Rich Felker

   How did we reach the point where the recommended action on compromise by malware is "clean OS reinstallation" and not "restore from backup"?

   And like, what is that even supposed to mean regarding your personal data?

   Just to throw it all away? Or somehow preserve it across reinstall, possibly with persistence of the compromise?

   This whole field is such a fucking clowncar.

   • Embed this notice
     Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Apr-2026 05:43:44 JST Rich Felker

     in reply to

     • Jess👾

     @JessTheUnstill I mean maybe that's what they expect people are doing, but "cloud storage" isn't even backups. You can (as lots of people have discovered in horror) wake up one day to find it all gone, and maybe even have that deletion mirrored back to local.

     Redundancy isn't backups, though it's better than nothing.

   • Embed this notice
     Jess👾 (jesstheunstill@infosec.exchange)'s status on Thursday, 02-Apr-2026 05:43:45 JST Jess👾

     in reply to

     @dalias At least for me, I keep all of my personal data backups on cloud storage, so I don't mind just wiping my drive and reinstalling. Hell, I should probably do that more often "just in case". I'm not quite there yet, but I probably could get it down to a reimaging script that automates the whole post-install config and setup

   • Embed this notice
     Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Apr-2026 06:44:13 JST Rich Felker

     in reply to

     • Ben Stokman

     @benjistokman A proper backup backs up everything. So that you actually get your OS back to exactly the state it was not a clean-install state.

   • Embed this notice
     Ben Stokman (benjistokman@mast.benstokman.me)'s status on Thursday, 02-Apr-2026 06:44:15 JST Ben Stokman

     in reply to

     @dalias OS "backups" don't back up the OS itself just the files. So a clean install IS what you do in this case, then restore user files.

   • Embed this notice
     Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Apr-2026 12:08:01 JST Rich Felker

     in reply to

     • LisPi
     • Ben Stokman

     @lispi314 @benjistokman Is it easy? Do you have install media? How do you get it back to the installed package & configuration state from before the data loss? Without a lot of manual work responding to prompts? If you have a backup it's just a single unattended restore operation. And size of OS should be tiny compared to data so it's not a big additional storage burden.

   • Embed this notice
     LisPi (lispi314@udongein.xyz)'s status on Thursday, 02-Apr-2026 12:08:03 JST LisPi

     in reply to

     • Ben Stokman

     @dalias @benjistokman That depends on what you're backing up and what you want out of it.

     I could use clonezilla for my backups instead of borgbackup, but what I want out of backups is very different. Restoring the OS is a triviality.

   • Embed this notice
     Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Apr-2026 19:46:11 JST Rich Felker

     in reply to

     • Ben Stokman

     @benjistokman Yes, you need to do something to restore the installed package state after that too tho. And it assumes you're on an OS that separates config well like that. No idea how you'd restore Windows...

   • Embed this notice
     Ben Stokman (benjistokman@mast.benstokman.me)'s status on Thursday, 02-Apr-2026 19:46:21 JST Ben Stokman

     in reply to

     @dalias /etc/

   • Embed this notice
     Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Apr-2026 20:31:00 JST Rich Felker

     in reply to

     • ltning

     @ltning The last thing we need is more locking down against users being able to run their own chosen software. 🤮

   • Embed this notice
     ltning (ltning@pleroma.anduin.net)'s status on Thursday, 02-Apr-2026 20:31:02 JST ltning

     in reply to
     @dalias Not everyone can run on zfs, I suppose.</sarcasm>
     
     There are many fancy features in both windows (restore points) and macos (apfs snapshots) that could be used to make recovery easier, but they're wrapped in so much "feature" fluff and shitty UIs (if any) that they aren't actually very useful.
     
     Also we need file systems that act like RAM and clearly separate between code and data. Some have the `noexec` flag (zfs), but I'm sure there would be better ways. Also yes scripts can still be interpreted, but the interpreter is under OS control so..